
5 matches found

Snyk
added 2026/04/20 10:15 p.m. · 4 views

Missing Origin Validation in WebSockets

Overview: Affected versions of this package are vulnerable to Missing Origin Validation in WebSockets via missing origin validation in all WebSocket endpoints. An attacker can gain unauthorized access to authenticated WebSocket sessions by tricking a logged-in administrator into visiting a malicio...

CVSS 8.1 · AI score 5.4 · EPSS 0.00176
Exploits: 1 · References: 2

Snyk
added 2026/03/30 4:23 p.m. · 2 views

Improper Validation of Integrity Check Value

Overview: Affected versions of this package are vulnerable to Improper Validation of Integrity Check Value through the Restore process in internal/backup/restore.go and internal/backup/manifest.go. An attacker can inject malicious configuration and gain arbitrary command execution by tampering wit...

CVSS 9.4 · AI score 6.3 · EPSS 0.00328
Exploits: 1 · References: 4

Positive Technologies
added 2024/01/18 12:0 a.m. · 6 views

PT-2024-19279 · Nextcloud · Nextcloud Global Site Selector

Name of the Vulnerable Software and Affected Versions: Nextcloud Global Site Selector versions prior to 1.4.1; Nextcloud Global Site Selector versions prior to 2.1.2; Nextcloud Global Site Selector versions prior to 2.3.4; Nextcloud Global Site Selector versions prior to 2.4.5. Description: The...

CVSS 9.8 · AI score 9.4 · EPSS 0.00755
Exploits: 0 · References: 8

Positive Technologies
added 2023/10/19 12:0 a.m. · 3 views

PT-2023-6589 · Apache +1 · Apache Santuario Xml Security For Java +1

Name of the Vulnerable Software and Affected Versions: Apache Santuario - XML Security for Java versions prior to 2.2.6; Apache Santuario - XML Security for Java versions prior to 2.3.4; Apache Santuario - XML Security for Java versions prior to 3.0.3. Description: The issue is related to the...

CVSS 6.8 · AI score 6.3 · EPSS 0.01212
Exploits: 0 · References: 20

Positive Technologies
added 2019/07/25 12:0 a.m. · 3 views

PT-2019-11494 · David Tschumperle · Cimg Library

Name of the Vulnerable Software and Affected Versions: CImg Library versions prior to 2.3.4. Description: The issue allows for command injection, potentially leading to Remote Code Execution (RCE), due to a lack of string sanitization on user-controllable URLs when loading images using the load...

CVSS 9.8 · AI score 8.2 · EPSS 0.04912
Exploits: 7 · References: 27