
5 matches found

EUVD
added 2026/06/26 3:32 p.m. · 6 views

EUVD-2025-210350

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.6, from 2.0.0 before 2.0.7. Users are recommended to upgrade to version 1.3.6 and 2.0.7, which fixes the issue...

CVSS 9.1 · AI score 5.7 · EPSS 0.00382
Exploits: 0 · References: 3
RedhatCVE
added 2026/01/09 9:35 a.m. · 7 views

CVE-2024-41888

Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. The password reset link remains valid within its expiration period even after it has been used. This could potentially lead to the link being misused or hijacked...

CVSS 5.3 · AI score 7 · EPSS 0.01222
Exploits: 0 · References: 1
Positive Technologies
added 2024/08/09 12:0 a.m. · 4 views

PT-2024-29621 · Apache · Apache Answer

Name of the Vulnerable Software and Affected Versions: Apache Answer versions through 1.3.5
Description: The issue affects Apache Answer, where a user can send multiple password reset emails, each containing a valid link. Within the link's validity period, this could potentially lead to the link...

CVSS 6.3 · AI score 7.4 · EPSS 0.01149
Exploits: 0 · References: 9
Positive Technologies
added 2024/08/09 12:0 a.m. · 3 views

PT-2024-29619 · Apache · Apache Answer

Name of the Vulnerable Software and Affected Versions: Apache Answer versions through 1.3.5
Description: The password reset link remains valid within its expiration period even after it has been used, potentially leading to misuse or hijacking.
Recommendations: For Apache Answer versions through...

CVSS 6.3 · AI score 7.4 · EPSS 0.01222
Exploits: 0 · References: 9
Positive Technologies
added 2023/01/27 12:0 a.m. · 3 views

PT-2023-11827 · Unknown · Net::Ldaps +1

Name of the Vulnerable Software and Affected Versions: Apache::Session::Browseable versions prior to 1.3.6
Description: The issue concerns the validity check of the X.509 certificate when connecting to remote LDAP backends. By default, the validity of the X.509 certificate is not checked due to t...

CVSS 8.1 · AI score 7.8 · EPSS 0.00559
Exploits: 1 · References: 19