Lucene search
+L

25 matches found

Nuclei
Nuclei
added 8 hours ago157 views

NestJS DevTools Integration - Remote Code Execution

Nest is a framework for building scalable Node.js server-side applications. In versions 0.2.0 and below, a critical Remote Code Execution RCE vulnerability was discovered in the @nestjs/devtools-integration package. When enabled, the package exposes a local development HTTP server with an API...

9.4CVSS9.4AI score0.43921EPSS
Exploits4References3
EUVD
EUVD
added 2026/07/10 7:9 a.m.9 views

EUVD-2026-42833

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache IoTDB. An attacker can write arbitrary files anywhere the IoTDB process has write permissions with unsafe API. This issue affects Apache IoTDB: from 1.0.0 before 2.0.10. Users are recommended to...

9.1CVSS6.2AI score0.00349EPSS
Exploits0References1
CVE
CVE
added 2026/07/10 7:9 a.m.9 views

CVE-2026-40005

CVE-2026-40005 is a path traversal vulnerability in Apache IoTDB. The issue arises from improper limitation of a pathname to a restricted directory, allowing an attacker to write arbitrary files anywhere the IoTDB process has write permissions via an unsafe API. Affected versions are IoTDB 1.0.0 ...

9.1CVSS6.2AI score0.00349EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/10 7:9 a.m.11 views

CVE-2026-40005

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache IoTDB. An attacker can write arbitrary files anywhere the IoTDB process has write permissions with unsafe API. This issue affects Apache IoTDB: from 1.0.0 before 2.0.10. Users are recommended to...

9.1CVSS6.2AI score0.00349EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/07/10 7:9 a.m.32 views

CVE-2026-40005 Apache IoTDB: Path Traversal in Pipe File Transfer Receiver

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache IoTDB. An attacker can write arbitrary files anywhere the IoTDB process has write permissions with unsafe API. This issue affects Apache IoTDB: from 1.0.0 before 2.0.10. Users are recommended to...

0.00349EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/12 12:0 a.m.13 views

PT-2026-2287

Name of the Vulnerable Software and Affected Versions Label Studio versions prior to 1.22.0 Description Label Studio is a multi-type data labeling and annotation tool. A persistent stored cross-site scripting XSS issue exists in the custom hotkeys functionality. An authenticated attacker, or...

8.6CVSS5.8AI score0.00243EPSS
Exploits1References17
OSV
OSV
added 2025/11/12 9:36 p.m.6 views

GHSA-HC7M-R6V8-HG9Q Wasmtime provides unsound API access to a WebAssembly shared linear memory

Impact Wasmtime's Rust embedder API contains an unsound interaction where a WebAssembly shared linear memory could be viewed as a type which provides safe access to the host Rust to the contents of the linear memory. This is not sound for shared linear memories, which could be modified in paralle...

1.8CVSS6.5AI score0.00107EPSS
Exploits0References9
Github Security Blog
Github Security Blog
added 2025/07/15 5:6 p.m.25 views

GitHub Kanban MCP Server vulnerable to Command Injection

The MCP Server at https://github.com/Sunwood-ai-labs/github-kanban-mcp-server/ is written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. Vulnerable tool The MCP Server exposes the tool addcomment which...

9.3CVSS7.7AI score0.01287EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2025/07/14 8:30 p.m.11 views

CVE-2025-53818 github-kanban-mcp-server Command Injection vulnerability

GitHub Kanban MCP Server is a Model Context Protocol MCP server for managing GitHub issues in Kanban board format and streamlining LLM task management. Version 0.3.0 of the MCP Server is written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Serv...

9.3CVSS7.2AI score0.01287EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/03/20 10:9 a.m.15 views

CVE-2024-7819 CORS Misconfiguration in danswer-ai/danswer

A CORS misconfiguration in danswer-ai/danswer v1.4.1 allows attackers to steal sensitive information such as chat contents, API keys, and other data. This vulnerability occurs due to improper validation of the origin header, enabling malicious web pages to make unauthorized requests to the...

7.4CVSS0.00261EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/02/14 5:31 p.m.11 views

Fyrox has unsound usages of `Vec::from_raw_parts`

The library provides a public safe API transmutevecasbytes, which incorrectly assumes that any generic type T could have stable layout, causing to uninitialized memory exposure if the users pass any types with padding bytes as T and cast it to u8 pointer. In the issue, we develop a PoC to show...

7AI score
Exploits0References5Affected Software1
OSV
OSV
added 2024/12/23 7:28 p.m.6 views

GHSA-F7QJ-V3VP-4856 libafl has unsound usages of `core::slice::from_raw_parts_mut`

The library breaks the safety assumptions when using unsafe API slice::fromrawpartsmut. The pointer passed to fromrawpartsmut is misaligned by casting u8 to u16 raw pointer directly, which is unsound. The bug is patched by using alignoffset, which could make sure the memory address is aligned to ...

6.9CVSS7.2AI score
Exploits0References6
Github Security Blog
Github Security Blog
added 2024/12/23 7:28 p.m.24 views

libafl has unsound usages of `core::slice::from_raw_parts_mut`

The library breaks the safety assumptions when using unsafe API slice::fromrawpartsmut. The pointer passed to fromrawpartsmut is misaligned by casting u8 to u16 raw pointer directly, which is unsound. The bug is patched by using alignoffset, which could make sure the memory address is aligned to ...

7.2AI score
Exploits0References6Affected Software1
OSV
OSV
added 2024/12/19 12:0 p.m.6 views

RUSTSEC-2024-0424 Unsound usages of `core::slice::from_raw_parts_mut`

The library breaks the safety assumptions when using unsafe API slice::fromrawpartsmut. The pointer passed to fromrawpartsmut is misaligned by casting u8 to u16 raw pointer directly, which is unsound. The bug is patched by using alignoffset, which could make sure the memory address is aligned to ...

7.2AI score
Exploits0References4
OSV
OSV
added 2024/12/19 12:0 p.m.6 views

RUSTSEC-2024-0435 Unsound usages of `Vec::from_raw_parts`

The library provides a public safe API transmutevecasbytes, which incorrectly assumes that any generic type T could have stable layout, causing to uninitialized memory exposure if the users pass any types with padding bytes as T and cast it to u8 pointer. In the issue, we develop a PoC to show...

7AI score
Exploits0References4
OSV
OSV
added 2024/12/05 7:5 p.m.8 views

GHSA-GW5W-5J7F-JMJJ Unsound usages of `std::slice::from_raw_parts`

The library breaks the safety assumptions when using unsafe API std::slice::fromrawparts. First, when using the API in iterator implementation TempFdArrayIterator.next, generic type could be any type, which would create and pass a misaligned pointer to the unsafe API. Second, when validating the...

7.5AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2024/12/05 7:5 p.m.23 views

Unsound usages of `std::slice::from_raw_parts`

The library breaks the safety assumptions when using unsafe API std::slice::fromrawparts. First, when using the API in iterator implementation TempFdArrayIterator.next, generic type could be any type, which would create and pass a misaligned pointer to the unsafe API. Second, when validating the...

7.5AI score
Exploits0References3Affected Software1
OSV
OSV
added 2024/12/04 12:0 p.m.5 views

RUSTSEC-2024-0408 Unsound usages of `std::slice::from_raw_parts`

The library breaks the safety assumptions when using unsafe API std::slice::fromrawparts. First, when using the API in iterator implementation TempFdArrayIterator.next, generic type could be any type, which would create and pass a misaligned pointer to the unsafe API. Second, when validating the...

7.5AI score
Exploits0References4
Wallarm Lab
Wallarm Lab
added 2023/10/14 1:15 p.m.31 views

2023 OWASP Top-10 Series: Wrap Up

Over the past several months, we've taken a journey through the new 2023 OWASP API Security Top-10 list. In the previous 12 weekly posts, we've delved into each category, discussed what it is, how it's exploited, why it matters, and suggested effective protections for each. Now, as we conclude th...

7.5AI score
Exploits0
Fedora
Fedora
added 2022/07/04 1:35 a.m.38 views

[SECURITY] Fedora 36 Update: golang-github-francoispqt-gojay-1.2.13-7.fc36

GoJay is a performant JSON encoder/decoder for Golang currently the most performant, see benchmarks. It has a simple API and doesn't use reflection. It relies on small interfaces to decode/encode structures and slices. Gojay also comes with powerful stream decoding features and an even faster...

9.3CVSS8AI score0.0995EPSS
Exploits4
Rows per page
Query Builder