Lucene search
K

7 matches found

Snyk
Snyk
added 2026/03/24 8:30 p.m.4 views

Unintended Proxy or Intermediary ('Confused Deputy')

Overview @astrojs/vercel is a Deploy your site to Vercel Affected versions of this package are vulnerable to Unintended Proxy or Intermediary 'Confused Deputy' via the x-astro-path header or xastropath query parameter, which allows overriding internal request paths without authentication. An...

9.1CVSS5.8AI score0.00331EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/10/21 12:0 a.m.3 views

PT-2025-42903

Name of the Vulnerable Software and Affected Versions Confluence Data Center versions prior to 8.5.25 Confluence Data Center versions prior to 9.2.7 Confluence Data Center versions prior to 10.0.2 Description The software contains a High severity Denial of Service DoS issue. This allows an attack...

8.3CVSS6.6AI score0.00459EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2025/09/03 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2022-31068

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected version...

5.3CVSS5.6AI score0.0085EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2024-38479

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Input Validation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.11, from 9.0.0 through 9.2.5...

7.5CVSS5.5AI score0.00935EPSS
Exploits0References2
OSV
OSV
added 2024/11/14 10:15 a.m.2 views

UBUNTU-CVE-2024-38479

Improper Input Validation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.11, from 9.0.0 through 9.2.5. Users are recommended to upgrade to version 9.2.6, which fixes the issue, or 10.0.2, which does not have the issue...

7.5CVSS5.8AI score0.00935EPSS
Exploits0References6
OSV
OSV
added 2024/11/14 10:15 a.m.2 views

UBUNTU-CVE-2024-50305

Valid Host header field can cause Apache Traffic Server to crash on some platforms. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.5. Users are recommended to upgrade to version 9.2.6, which fixes the issue, or 10.0.2, which does not have the issue...

7.5CVSS5.8AI score0.00941EPSS
Exploits1References8
OSV
OSV
added 2022/06/28 6:15 p.m.3 views

UBUNTU-CVE-2022-31056

GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected versions all assistance forms Ticket/Change/Problem permit sql injection on the actor fields. This issue has been resolved in version 10.0.2 and...

9.8CVSS7.2AI score0.0858EPSS
Exploits3References3
Rows per page
Query Builder