Lucene search
+L

148272 matches found

osv
osv
added tomorrow4 views

UBUNTU-CVE-2026-12391

An insecure symlink following vulnerability exists in Canonical ubuntu-pro-client formerly ubuntu-advantage-tools within the pro collect-logs command framework. The utility creates or utilizes predictable temporary file paths or user-accessible log directories when gathering diagnostic informatio...

5CVSS6.1AI score
Exploits0References3
osv
osv
added tomorrow4 views

UBUNTU-CVE-2026-11386

An input validation and injection vulnerability exists in Canonical ubuntu-pro-client formerly ubuntu-advantage-tools. The client constructs APT source files such as /etc/apt/sources.list.d/ubuntu-.list or their DEB822 equivalents using data received directly from the contract server response via...

9CVSS6.4AI score
Exploits0References3
wordfence
wordfence
added 2 hours ago4 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (July 6, 2026 to July 12, 2026)

Last week, there were 267 vulnerabilities disclosed in 222 WordPress Plugins and 6 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 136 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilitie...

6.3AI score
Exploits0
nvd
nvd
added 2 hours ago5 views

CVE-2026-55629

Whistle is an HTTP, HTTP2, HTTPS, and WebSocket debugging proxy. Prior to 2.10.3, lib/service/service.js handles GET /cgi-bin/temp/get by reading req.query.filename, joining it to TEMPFILESPATH only when it matches the temporary file pattern, and otherwise passing the user-supplied filename...

8.7CVSS
Exploits0References3
github
github
added 2 hours ago3 views

ArcadeDB: Privilege escalation via reader role in /api/v1/command JS scripting language — arbitrary host file read

Impact A user holding only reader read-only privileges on a single database could execute arbitrary JVM code by sending a "language": "js" command to the POST /api/v1/command/database HTTP endpoint, and use it to read arbitrary files on the host filesystem e.g. /etc/passwd, configuration files,...

6.4AI score
Exploits0References3Affected Software1
github
github
added 2 hours ago4 views

ArcadeDB: IMPORT DATABASE allows SSRF and arbitrary local file read by authenticated users

Impact The SQL IMPORT DATABASE statement did not require administrative privileges and passed its source URL to the importer without validation. Any authenticated user with SQL command access not only root/administrators could therefore: - Server-Side Request Forgery CWE-918: cause the server to...

6.2AI score
Exploits0References3Affected Software1
githubexploit
githubexploit
added 2 hours ago5 views

Exploit for CVE-2024-25600

BricksRCE Exploiter CVE-2024-25600 — WordPress Bricks Bui...

10CVSS7.5AI score0.88234EPSS
Exploits19
github
github
added 3 hours ago3 views

Nuclio: Unauthenticated path traversal in spec.handler allows arbitrary file write in Dashboard container

Summary Nuclio Dashboard exposes POST /api/functions without authentication by default NOP auth mode. The spec.handler field e.g., mymodule:myfunction is parsed by functionconfig.ParseHandler which splits on : only — no path validation is applied to the module portion. During function build,...

6.3AI score
Exploits0References5Affected Software1
github
github
added 3 hours ago3 views

Nuclio: Unsanitized runtimeAttributes.repositories injected into Groovy build.gradle leads to build-time RCE

Summary Nuclio's Java runtime generates a build.gradle file during function builds using Go's text/template package. The template renders runtimeAttributes.repositories values with the . action, which performs no escaping. An attacker can embed a closing brace to break out of the repositories blo...

6.5AI score
Exploits0References5Affected Software1
github
github
added 3 hours ago3 views

Envoy Gateway: Authentication Bypass via Improper Input Validation in EnvoyExtensionPolicy Lua Allows Secret Disclosure

Impact The toabsolutenormalizedpath function security.lua:28-43 does not collapse redundant path separators // → /. On Linux, //etc/passwd is equivalent to /etc/passwd POSIX path semantics, but iscriticalpath fails to match the double-slash variant because //etc/passwd does not start with /etc/...

6.1AI score0.0004EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 3 hours ago6 views

CVE-2026-55629 Whistle: Path traversal

Whistle is an HTTP, HTTP2, HTTPS, and WebSocket debugging proxy. Prior to 2.10.3, lib/service/service.js handles GET /cgi-bin/temp/get by reading req.query.filename, joining it to TEMPFILESPATH only when it matches the temporary file pattern, and otherwise passing the user-supplied filename...

8.7CVSS
Exploits0References3
attackerkb
attackerkb
added 3 hours ago3 views

CVE-2026-55629

Whistle is an HTTP, HTTP2, HTTPS, and WebSocket debugging proxy. Prior to 2.10.3, lib/service/service.js handles GET /cgi-bin/temp/get by reading req.query.filename, joining it to TEMPFILESPATH only when it matches the temporary file pattern, and otherwise passing the user-supplied filename...

8.7CVSS6.2AI score
Exploits0References4Affected Software1
cve
cve
added 3 hours ago5 views

CVE-2026-55629

CVE-2026-55629 affects Whistle (HTTP/HTTP2/HTTPS/WebSocket proxy). Before 2.10.3, the code path in lib/service/service.js for GET /cgi-bin/temp/get uses req.query.filename and joins it to TEMP_FILES_PATH only if it matches the temp-file pattern; otherwise it passes the user-supplied filename to g...

8.7CVSS6.2AI score
Exploits0References3
euvd
euvd
added 3 hours ago3 views

EUVD-2026-45030

Whistle is an HTTP, HTTP2, HTTPS, and WebSocket debugging proxy. Prior to 2.10.3, lib/service/service.js handles GET /cgi-bin/temp/get by reading req.query.filename, joining it to TEMPFILESPATH only when it matches the temporary file pattern, and otherwise passing the user-supplied filename...

8.7CVSS6.2AI score
Exploits0References3
ossf
ossf
added 4 hours ago5 views

Malicious code in nordpass (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9df6f21fababcd99ba522d380a0729d35aa4ff44ee2f6612fe75b906da844aee Package name impersonates the NordPass password-manager product while presenting itself as 'A simple authentication module.' The package.json...

6.2AI score
Exploits0References1
ossf
ossf
added 4 hours ago3 views

Malicious code in infrastructure-common (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d64169ae87d8d9eaad199be028a70610f025f61e0c947838c05c24a1dd4d5578 package.json declares a preinstall lifecycle script that runs node -e to issue an HTTP GET to a Burp Collaborator subdomain at...

6.4AI score
Exploits0References1
ossf
ossf
added 4 hours ago3 views

Malicious code in myreviews-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9c41d5d4352e265f0efbc0089a19c5773ceeb76c0265831eeeeca19151fe4f64 package.json declares a postinstall lifecycle hook that runs node -e to issue an HTTPS GET to a hardcoded webhook.site collector URL, appending the...

6.1AI score
Exploits0References1
ossf
ossf
added 4 hours ago3 views

Malicious code in date-utils-light (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 99bd644fd9a59518d6f77e8d76c077ffef8a2afdc7ae2b00a6ca87299879a671 Package presents itself as a trivial date-formatting utility index.js exports a one-line ISO date helper but ships a postinstall.js that runs...

6.2AI score
Exploits0References1
ossf
ossf
added 4 hours ago3 views

Malicious code in @hibachi-xyz/sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 54956c91d0cedbe9097a2a8f7fa864382bd3b5a91ba7ccbe4a0219081be711f9 index.js the package main executes at require-time and performs credential and host exfiltration. It iterates process.env and filters keys matching a...

6.1AI score
Exploits0References1
ossf
ossf
added 4 hours ago3 views

Malicious code in @across-toolkit/typescript-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5580d26d1829c9faf6465962431399aee9804c8ed1264274b30b9ce42f274bd9 Package impersonates the across-protocol organization published as @across-toolkit/[email protected], a high-version dependency-confusion shap...

6.1AI score
Exploits0References2
Rows per page
Query Builder