Lucene search
K

9 matches found

Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.16 views

PT-2026-51282

Name of the Vulnerable Software and Affected Versions Apache NiFi versions 1.15.0 through 2.9.0 Description Authorization handling for component configuration verification requests allows clients with read access to submit proposed configuration properties. These proposed properties override the...

6.3CVSS5.8AI score0.00327EPSS
Exploits0References7
Snyk
Snyk
added 2026/05/11 2:45 p.m.8 views

Server-side Request Forgery (SSRF)

Overview guarddog is a GuardDog is a CLI tool to Identify malicious PyPI packages Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the scanremote function for remote project scanning. An attacker can access sensitive authentication credentials and interact...

8.3CVSS5.5AI score0.00198EPSS
Exploits0References2
OSV
OSV
added 2026/02/26 10:46 p.m.5 views

GHSA-FVFV-PPW4-7H2W n8n has a Guardrail Node Bypass

Impact An end user interacting with a workflow that uses the Guardrail node could craft an input that bypasses the default guardrail instructions. Patches The issue has been fixed in n8n version 2.10.0. Users should upgrade to this version or later to remediate the vulnerability. Workarounds If...

6.3CVSS5.4AI score
Exploits0References4
Snyk
Snyk
added 2026/02/01 6:34 a.m.2 views

Insufficiently Protected Credentials

Overview kimai-mcp is a MCP server for Kimai time-tracking API integration Affected versions of this package are vulnerable to Insufficiently Protected Credentials via the HTTP response handling logic that sets the X-Session-ID header. An attacker can hijack user sessions by observing session...

6.9CVSS5.6AI score
Exploits0References3
OSV
OSV
added 2025/08/01 1:3 p.m.4 views

OESA-2025-1942 apache-commons-vfs security update

Commons VFS provides a uniform view of files through a single API which is designed for accessing various different file systems. These file systems could be a local disk, an HTTP server or a ZIP archive file. The key features are listed as follows: The API is consistent among various file types...

7.5CVSS6.6AI score0.01277EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/03/25 4:39 a.m.5 views

SUSE CVE-2025-27553

Relative Path Traversal vulnerability in Apache Commons VFS before 2.10.0. The FileObject API in Commons VFS has a 'resolveFile' method that takes a 'scope' parameter. Specifying 'NameScope.DESCENDENT' promises that "an exception is thrown if the resolved file is not a descendent of the base file...

5.3CVSS7AI score0.01277EPSS
Exploits0References5
OSV
OSV
added 2025/03/23 3:15 p.m.6 views

UBUNTU-CVE-2025-30474

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Commons VFS. The FtpFileObject class can throw an exception when a file is not found, revealing the original URI in its message, which may include a password. The fix is to mask the password in the exception messag...

5CVSS7.1AI score0.00776EPSS
Exploits0References5
PyPA
PyPA
added 2024/08/21 4:15 p.m.12 views

PYSEC-2024-181

Apache Airflow, versions before 2.10.0, have a vulnerability that allows the developer of a malicious provider to execute a cross-site scripting attack when clicking on a provider documentation link. This would require the provider to be installed on the web server and theuser to click the provid...

6.1CVSS6.5AI score0.01804EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2022/09/16 12:0 a.m.6 views

PT-2022-23102

Name of the Vulnerable Software and Affected Versions TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description The issue occurs when RandomPoissonV2 receives large input shape and rates,...

7.5CVSS7.1AI score0.00396EPSS
Exploits0References12
Rows per page
Query Builder