Lucene search

12 matches found

RedhatCVE
added 2 days ago | 5 views

CVE-2026-55153

A flaw was found in mchange-commons-java, a Java utility library. This vulnerability allows a remote attacker to achieve arbitrary code execution through Java Naming and Directory Interface (JNDI) injection. The library's JNDI ObjectFactory can construct objects of arbitrary classes and initialize...

CVSS 7.5 | AI score 6.5 | EPSS 0.00327
Exploits: 0 | References: 4

CNNVD
added 2026/06/08 12:0 a.m. | 10 views

req injection vulnerability

"req" is a simple Go HTTP client "with Black Magic", developed by an individual developer, Roc. Versions of "req" from 0.5.3 to 0.6.0 have an injection vulnerability. The vulnerability stems from improper neutralization of CRLF sequences, which could lead to multipart parameter smuggling through parts of the...

CVSS 2.1 | AI score 5.3 | EPSS 0.00178
Exploits: 0 | References: 2

Tenable Nessus
added 2026/05/05 12:0 a.m. | 7 views

Fedora 44 : rust-sequoia-git (2026-0a72408e1b)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-0a72408e1b advisory. Update to version 0.6.0. Addresses RUSTSEC-2026-0109. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

AI score 5.8
Exploits: 0 | References: 1

vulnersOsv
added 2026/04/22 8:23 p.m. | 6 views

08cms (=1.0.0), 0uth (>=1.0.5 <=1.2.1) +13070 more potentially affected by CVE-2026-41673 via xmldom (>=0.1.11 <=0.6.0)

xmldom NPM version =0.1.11, =1.0.5, =1.0.0, =1.0.0, =1.7.3, =0.1.0, =0.0.2, =0.0.1, =1.0.2, =1.0.3, =1.0.23, =1.0.1, =1.3.1 and more Source cves: CVE-2026-41673 Source advisory: SNYK:JS-XMLDOM-16134529...

CVSS 8.7 | AI score 5.7 | EPSS 0.00643
Exploits: 0

vulnersOsv
added 2026/04/22 8:16 p.m. | 8 views

08cms (=1.0.0), 0uth (>=1.0.5 <=1.2.1) +13070 more potentially affected by CVE-2026-41672 via xmldom (>=0.1.11 <=0.6.0)

xmldom NPM version =0.1.11, =1.0.5, =1.0.0, =1.0.0, =1.7.3, =0.1.0, =0.0.2, =0.0.1, =1.0.2, =1.0.3, =1.0.23, =1.0.1, =1.3.1 and more Source cves: CVE-2026-41672 Source advisory: OSV:GHSA-J759-J44W-7FR8...

CVSS 8.7 | AI score 5.7 | EPSS 0.00365
Exploits: 0

Snyk
added 2026/03/11 2:53 p.m. | 2 views

Always-Incorrect Control Flow Implementation

Overview: Affected versions of this package are vulnerable to Always-Incorrect Control Flow Implementation due to incorrect state handling in nested execution paths involving the ICS20 precompile. An attacker can repeatedly utilize the same token balance within a single transaction by exploiting...

CVSS 9.8 | AI score 5.9
Exploits: 0 | References: 3

Positive Technologies
added 2025/11/05 12:0 a.m. | 6 views

PT-2025-45102

Name of the Vulnerable Software and Affected Versions: Doris MCP Server versions prior to 0.6.0. Description: An attacker with a valid read-only account can bypass the Doris MCP Server's read-only mode due to improper access control. This allows modifications that should have been prevented by...

CVSS 5.4 | AI score 6.6 | EPSS 0.00336
Exploits: 0 | References: 6

OSV
added 2025/09/17 12:0 p.m. | 5 views

RUSTSEC-2025-0070 Pingora MadeYouReset HTTP/2 vulnerability

Pingora deployments using versions prior to 0.6.0 that include HTTP/2 server support may be affected by the vulnerability described in CVE-2025-8671. Under certain conditions, Pingora applications may allocate buffers before the HTTP/2 reset and resulting stream cancellation is processed by the...

CVSS 7.5 | AI score 6.8 | EPSS 0.04604
Exploits: 3 | References: 5

vulnersOsv
added 2021/05/10 6:37 p.m. | 5 views

@amitport/koangular-users (=0.0.0), @antimatter-studios/dredd (>=14.1.0 <=15.0.11) +202 more potentially affected by CVE-2020-7709 via json-pointer (>=0.0.4 <=0.6.0)

json-pointer NPM version =0.0.4, =14.1.0, =0.0.1, =0.0.2, =0.0.1, =1.2.6, =2.7.2, =1.0.0, =0.0.0-development, =1.0.0, =2.21.3, =0.1.0, =1.0.1 - ajv-moment =1.0.0 and more Source cves: CVE-2020-7709 Source advisory: OSV:GHSA-7MG4-W3W5-X5PC...

CVSS 7.2 | AI score 6.7 | EPSS 0.01783
Exploits: 1

Cvelist
added 2020/12/15 2:55 p.m. | 31 views

CVE-2020-8936 Arbitrary enclave memory overwrite vulnerability in ECall ecall_restore

An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to make a host call to UntrustedCall. UntrustedCall failed to validate the buffer range within sgxparams and allowed the host to return a pointer that was an address within the enclave memory. This allowe...

CVSS 5.3 | AI score 5.5 | EPSS 0.00133
Exploits: 0 | References: 1

ATTACKERKB
added 2008/01/04 11:46 a.m. | 3 views

CVE-2007-6664

SQL injection vulnerability in index.php in WebPortal CMS 0.6.0 and earlier allows remote attackers to execute arbitrary SQL commands via the m parameter...

CVSS 7.5 | AI score 6.3 | EPSS 0.02307
Exploits: 1 | References: 5

securityvulns
added 2004/06/04 12:0 a.m. | 23 views

DOS@Orenosv

DOSOrenosvHTTPd.bat @echo on :Application: Orenosv Server :Vendors: http://home.comcast.net/makataoka/orenosv060.zip :Version: =0.6.0 :Platforms: Windows :Bug: D.O.S :Date: 2004-06-02 :Author: CoolICE :E-mail: CoolICEChina.com...

AI score 1
Exploits: 0