Lucene search
K

10 matches found

EUVD
EUVD
added 2026/06/28 4:30 a.m.9 views

EUVD-2026-39982

A vulnerability was detected in skypilot-org skypilot up to 0.12.0. Impacted is the function username.encode of the file sky/users/server.py of the component User ID Handler. The manipulation results in use of weak hash. The attack may be performed from remote. This attack is characterized by hig...

6.3CVSS5.2AI score0.00189EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/07 9:45 p.m.6 views

CVE-2026-11461

A vulnerability has been found in NousResearch hermes-agent up to 0.12.0. This affects the function resolvesessionbytitle of the file hermesstate.py of the component resume Endpoint. Such manipulation of the argument Title leads to authorization bypass. It is possible to launch the attack remotel...

6.5CVSS6.1AI score0.00225EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/08 10:32 a.m.6 views

CVE-2026-3731

A weakness has been identified in libssh up to 0.11.3. The impacted element is the function sftpextensionsgetname/sftpextensionsgetdata of the file src/sftp.c of the component SFTP Extension Name Handler. Executing a manipulation of the argument idx can lead to out-of-bounds read. The attack may ...

6.9CVSS5.5AI score0.00631EPSS
Exploits0References7
Snyk
Snyk
added 2025/07/12 6:30 p.m.2 views

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere via the raft server protocol. An attacker can access sensitive server resources, including directories and files, by sending unauthenticated requests. Remediatio...

8.7CVSS7AI score0.00564EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2020/06/11 7:9 a.m.2 views

thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol

In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when feed with invalid input data...

7.5CVSS7.3AI score0.06793EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/05/28 3:58 p.m.2 views

thrift: Endless loop when feed with specific input data

In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when feed with specific input data. Because the issue had already been partially fixed in version 0.11.0, depending on the installed version it affects only certain language bindings...

7.8CVSS7.3AI score0.09082EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/03/24 11:13 a.m.3 views

thrift: Endless loop when feed with specific input data

In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when feed with specific input data. Because the issue had already been partially fixed in version 0.11.0, depending on the installed version it affects only certain language bindings...

7.8CVSS7.3AI score0.09082EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/03/23 8:13 p.m.4 views

thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol

In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when feed with invalid input data...

7.5CVSS7.3AI score0.06793EPSS
Exploits0References4
Symantec
Symantec
added 2019/10/17 12:0 a.m.91 views

Apache Thrift CVE-2019-0210 Remote Security Vulnerability

Description Apache Thrift is prone to a remote security vulnerability. An attacker can leverage this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. Apache Thrift versions 0.9.3 through 0.12.0 are vulnerable. Technologies Affected Apache...

1.4AI score0.06793EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2016/03/26 12:0 a.m.2 views

Apache Qpid Proton python API plaintext transfer vulnerability

Apache Qpid is an object-oriented messaging middleware developed by the Apache Software Foundation. The Proton python API is an API that supports the python language and implements the AMQP 1.0 protocol. A security vulnerability exists in the Apache Qpid Proton python API versions 0.9 through...

6.5CVSS6.6AI score0.04267EPSS
Exploits0References1
Rows per page
Query Builder