Lucene search
K

10 matches found

Snyk
Snyk
added 2026/05/04 5:26 p.m.10 views

Incorrect Authorization

Overview org.apache.polaris:polaris-runtime-service is an a catalog for data lakes. It provides new levels of choice, flexibility and control over data, with full enterprise security and Apache Iceberg interoperability across a multitude of engines and infrastructure Affected versions of this...

9.9CVSS5.8AI score0.00364EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/19 4:42 p.m.5 views

Cross-site Request Forgery (CSRF)

Overview Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via the HTTP request handling process. An attacker can execute unauthorized actions by sending crafted cross-site POST requests with a CORS-safelisted Content-Type, bypassing origin and content-type...

7.1CVSS5.8AI score0.00178EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/19 7:40 p.m.8 views

Improper Neutralization of Equivalent Special Elements

Overview vapor/leaf-kit is an an expressive, performant, and extensible templating language built for Swift. Affected versions of this package are vulnerable to Improper Neutralization of Equivalent Special Elements in the htmlEscaped function. An attacker can inject malicious HTML or JavaScript...

6.1CVSS5.6AI score0.0023EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/12/19 12:0 a.m.2 views

Fedora 42 : checkpointctl (2025-909f303a85)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-909f303a85 advisory. Update checkpointctl to 1.4.1 CVE-2025-47906 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

6.5CVSS6.8AI score0.00489EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/11/24 12:0 a.m.4 views

PT-2025-47881

A security vulnerability has been detected in Eigenfocus up to 1.4.0. This vulnerability affects unknown code of the component Description Handler. The manipulation of the argument entry.description/time entry.description leads to cross site scripting. The attack is possible to be carried out...

5.1CVSS6.1AI score0.00211EPSS
Exploits0References8
RustSec
RustSec
added 2025/10/15 12:0 p.m.6 views

DoS vulnerability on `alloy_dyn_abi::TypedData` hashing

An uncaught panic triggered by malformed input to alloydynabi::TypedData could lead to a denial-of-service DoS via eip712signinghash. Software with high availability requirements such as network services may be particularly impacted. If in use, external auto-restarting mechanisms can partially...

7.5CVSS6.8AI score0.00407EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/08/27 7:4 p.m.4 views

WordPress Transcoder Plugin <= 1.4.0 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Transcoder versions = 1.4.0...

6.5CVSS6AI score0.00154EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2024/09/08 12:0 a.m.5 views

PT-2024-39109 · Unknown · Gouniverse Golang Cms

Name of the Vulnerable Software and Affected Versions: Gouniverse GoLang CMS version 1.4.0 Description: A vulnerability was found in Gouniverse GoLang CMS, affecting the function PageRenderHtmlByAlias of the file FrontendHandler.go. The manipulation of the argument alias leads to cross-site...

6.1CVSS6.9AI score0.004EPSS
Exploits0References19
Positive Technologies
Positive Technologies
added 2024/01/18 12:0 a.m.6 views

PT-2024-19279 · Nextcloud · Nextcloud Global Site Selector

Name of the Vulnerable Software and Affected Versions: Nextcloud Global Site Selector versions prior to 1.4.1 Nextcloud Global Site Selector versions prior to 2.1.2 Nextcloud Global Site Selector versions prior to 2.3.4 Nextcloud Global Site Selector versions prior to 2.4.5 Description: The...

9.8CVSS9.4AI score0.00755EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2020/01/14 12:0 a.m.3 views

PT-2020-19361 · Unknown +1 · Libiec61850 +1

Name of the Vulnerable Software and Affected Versions: libIEC61850 versions prior to 1.4.1 Description: The issue arises from a heap-based buffer overflow in the MmsValue decodeMmsData function when parsing the MMS BIT STRING data type. This occurs in the mms/iso mms/server/mms access result.c fi...

10CVSS8AI score0.02036EPSS
Exploits9References35
Rows per page
Query Builder