4 matches found

Nuclei
added 12 hours ago · 16 views

Google ADK-Python - Unauthenticated Builder Endpoint

Google Agent Development Kit (ADK) 1.7.0 through 1.28.1 and 2.0.0a1 through 2.0.0a2 on Python OSS, Cloud Run, and GKE contains a code injection and missing authentication vulnerability, letting unauthenticated remote attackers execute arbitrary code on the server. Exploit requires no authentication...

CVSS 10 · AI score 6.2 · EPSS 0.01816
Exploits: 0 · References: 1

Snyk
added 2026/03/13 10:41 p.m. · 2 views

Heap-based Buffer Overflow

Overview: Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the processing of stream headers within ASF files due to improper validation of the length of user-supplied data before copying it to a fixed-length heap-based buffer. An attacker can achieve arbitrary code...

CVSS 8.5 · AI score 6.5 · EPSS 0.00773
Exploits: 0 · References: 2

Snyk
added 2026/01/06 5:44 p.m. · 2 views

Server-side Request Forgery (SSRF)

Overview: Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the proxy endpoint. An attacker can access internal network resources and sensitive information by sending crafted HTTP GET requests to internal IP addresses through the endpoint. Note: This is only...

CVSS 6.9 · AI score 5.9 · EPSS 0.00755
Exploits: 2 · References: 2

Positive Technologies
added 2023/03/06 12:0 a.m. · 3 views

PT-2023-21150 · Unknown · Quickentity-Editor-Next

Name of the Vulnerable Software and Affected Versions: quickentity-editor-next versions prior to 1.28.1

Description: The issue concerns an open source, system local, video game asset editor. In affected versions, HTML tags in entity names are not sanitized, leading to an XSS vulnerability. This...

CVSS 8.2 · AI score 6.4 · EPSS 0.00323
Exploits: 0 · References: 6