15 matches found

OSV
added 2026/05/12 9:44 a.m. · 6 views

SUSE-SU-2026:21628-1 Security update for helm

This update for helm fixes the following issues. Security issues: CVE-2025-55199: crafted JSON Schema can lead to out of memory (OOM) termination (bsc1248093). CVE-2026-35206: github.com/helm/helm: Helm: Files written to unexpected directory via specially crafted Chart (bsc1261938). Non security...

CVSS 6.5 · AI score 6.8 · EPSS 0.00311
Exploits: 0 · References: 5
EUVD
added 2025/10/03 8:7 p.m. · 9 views

EUVD-2022-0753

Malicious code in bioql PyPI...

CVSS 4.3 · AI score 4.7 · EPSS 0.012
Exploits: 0 · References: 5
RedhatCVE
added 2025/05/22 10:38 p.m. · 8 views

CVE-2022-28113

An issue in upload.csp of FANTEC GmbH MWiD25-DS Firmware v2.000.030 allows attackers to write files and reset the user passwords without having a valid session cookie...

CVSS 9 · AI score 6.9 · EPSS 0.03652
Exploits: 2 · References: 1
Prion
added 2023/11/17 2:15 a.m. · 16 views

Unrestricted file upload

OpenSupports v4.11.0 is vulnerable to Unrestricted Upload of File with Dangerous Type. In the comment function, an attacker can bypass security restrictions and upload a .bat file by manipulating the file's magic bytes to masquerade as an allowed type. This can enable the attacker to execute...

CVSS 7.5 · AI score 8.1 · EPSS 0.0144
Exploits: 1 · References: 2 · Affected Software: 1
Vulnrichment
added 2023/11/17 12:0 a.m. · 12 views

CVE-2023-48031

OpenSupports v4.11.0 is vulnerable to Unrestricted Upload of File with Dangerous Type. In the comment function, an attacker can bypass security restrictions and upload a .bat file by manipulating the file's magic bytes to masquerade as an allowed type. This can enable the attacker to execute...

AI score 7.8 · EPSS 0.0144
Exploits: 1 · References: 3
Cvelist
added 2023/11/17 12:0 a.m. · 20 views

CVE-2023-48031

OpenSupports v4.11.0 is vulnerable to Unrestricted Upload of File with Dangerous Type. In the comment function, an attacker can bypass security restrictions and upload a .bat file by manipulating the file's magic bytes to masquerade as an allowed type. This can enable the attacker to execute...

AI score 9.8 · EPSS 0.0144
Exploits: 1 · References: 3
CNNVD
added 2023/10/27 12:0 a.m. · 3 views

Vagrant Security Vulnerabilities

Vagrant is a command line utility for managing the lifecycle of virtual machines. It isolates dependencies and their configurations in a single disposable and consistent environment. A security vulnerability exists in HashiCorp Vagrant versions prior to 2.4.0 that stems from the presence of...

CVSS 7.8 · AI score 6.8 · EPSS 0.00223
Exploits: 0 · References: 2
CNNVD
added 2023/02/03 12:0 a.m. · 4 views

ASUS RT-AC68U Security Vulnerability

ASUS RT-AC68U is a router from Asus China. A security vulnerability exists in ASUS RT-AC68U router firmware versions prior to 3.0.0.4.386.41634, which stems from incorrect access control. An attacker can exploit the vulnerability to write arbitrary files to perform COPY and MOVE operations...

CVSS 9.1 · AI score 8.5 · EPSS 0.01113
Exploits: 1 · References: 2
NVD
added 2022/10/26 3:15 p.m. · 33 views

CVE-2022-20955

Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint CE Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write arbitrary files on an affected device. For more information about these vulnerabilities, see the...

CVSS 7.1 · EPSS 0.00413
Exploits: 0 · References: 1
UbuntuCve
added 2022/05/09 8:15 a.m. · 56 views

CVE-2022-30333

RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected...

CVSS 7.5 · AI score 7.2 · EPSS 0.98975
Exploits: 12 · References: 8
CNNVD
added 2022/04/11 12:0 a.m. · 3 views

Samsung Flow Security Vulnerability

Samsung Flow is an application for Samsung mobile devices, software used to connect Samsung devices to Win10-based computers for a seamless, secure, and connected experience. An access control error vulnerability exists in versions prior to Samsung Flow 4.8.06.5, which stems from a lack of prope...

CVSS 5.1 · AI score 5.6 · EPSS 0.00251
Exploits: 0 · References: 2
Tenable Nessus
added 2022/03/22 12:0 a.m. · 59 views

SUSE SLES15 Security Update : buildah (SUSE-SU-2022:0770-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0770-1 advisory. - The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and...

CVSS 9.3 · AI score 6.5 · EPSS 0.02603
Exploits: 1 · References: 9
OSV
added 2020/07/29 2:15 p.m. · 3 views

CVE-2020-2076

SICK Package Analytics software up to and including version V04.0.0 is vulnerable to an authentication bypass by directly interfacing with the REST API. An attacker can send unauthorized requests, bypass current authentication controls presented by the application and could potentially write fil...

CVSS 9.8 · AI score 7.3 · EPSS 0.01261
Exploits: 0 · References: 1
CNVD
added 2019/08/01 12:0 a.m. · 2 views

cPanel Input Validation Error Vulnerability (CNVD-2019-26371)

cPanel is a Web-based automated colocation platform from the US-based company cPanel. The platform is primarily used to automate the management of websites and servers. An input validation error vulnerability exists in versions of cPanel prior to 78.0.2. The vulnerability stems from a web-based...

CVSS 5.3 · AI score 6.8 · EPSS 0.00767
Exploits: 0 · References: 1
Positive Technologies
added 2006/08/08 12:0 a.m. · 6 views

PT-2006-4865 · Php +1

Name of the Vulnerable Software and Affected Versions:
PHP versions 4.4.3 and earlier
PHP versions 5.1.4 and earlier

Description: The issue allows context-dependent attackers to execute arbitrary code via a sscanf PHP function call that performs argument swapping. This can trigger a buffer...

CVSS 9.3 · AI score 7.5 · EPSS 0.06357
Exploits: 3 · References: 52