Lucene search
K

5 matches found

OSV
OSV
added 2026/06/23 5:33 p.m.6 views

GHSA-3W28-36P9-W929 Gogs's Unauthenticated Jupyter Notebook (ipynb) Sanitizer allows arbitrary data: URIs leading to XSS

Summary The Jupyter Notebook ipynb sanitizer endpoint at POST /-/api/sanitizeipynb allows arbitrary data: URIs without proper restrictions, potentially leading to Cross-Site Scripting XSS. The endpoint uses bluemonday.UGCPolicy with p.AllowURLSchemes"data" which permits all data URI schemes...

6.4CVSS6.1AI score0.00677EPSS
Exploits0References5
NVD
NVD
added 2026/04/30 10:16 p.m.6 views

CVE-2025-36180

IBM watsonx.data 2.2 through 2.3 IBM Lakehouse does not properly restrict communication between pods which could allow an attacker to transfer data between pods without restrictions...

7.5CVSS0.00186EPSS
Exploits0References1
CVE
CVE
added 2026/04/30 9:28 p.m.9 views

CVE-2025-36180

CVE-2025-36180 concerns IBM watsonx.data (Lakehouse) versions 2.2–2.3. The issue is an improper restriction of inter-pod communication, potentially allowing an attacker to transfer data between pods without restrictions. The vulnerability’s impact is described as data integrity risk within pod co...

7.5CVSS5.2AI score0.00186EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/04/27 12:0 a.m.6 views

The vulnerability of the PHP programming language interpreter allows attackers to gain access to confidential data and compromise its integrity.

The vulnerability of the PHP programming language interpreter lies in the lack of restrictions on data size during calculations. Exploiting this vulnerability allows a malicious actor to gain access to confidential data and compromise its integrity...

8.1CVSS6.5AI score0.01242EPSS
Exploits1References6Affected Software5
OSV
OSV
added 2023/03/28 1:15 p.m.4 views

CVE-2022-3683

A vulnerability exists in the SDM600 API web services authorization validation implementation. An attacker who successfully exploits the vulnerability could read data directly from a data store that is not restricted, or insufficiently protected, having access to sensitive data. This issue...

7.5CVSS5.8AI score0.00484EPSS
Exploits0References1
Rows per page
Query Builder