
5 matches found

Snyk
added 2026/06/19 9:15 p.m. · 4 views

Arbitrary Code Injection

Overview: @tinacms/cli is a package used to set up your project with Tina Cloud configuration, and run a local version of the Tina Cloud content-api. Affected versions of this package are vulnerable to Arbitrary Code Injection through the addVariablesToCode/makeFieldsWithInternalCode process in...

7.8 CVSS · 6.1 AI score · 0.0017 EPSS
Exploits 0 · References 2

Positive Technologies
added 2026/01/01 12:00 a.m. · 7 views

PT-2026-28368

Name of the Vulnerable Software and Affected Versions: Dovecot versions prior to 2.4.3 Description: If the auth_username_chars setting is empty, an attacker can inject arbitrary LDAP filters into Dovecot's LDAP authentication process. This can bypass restrictions and allow probing of the LDAP...

7.7 CVSS · 6 AI score · 0.0079 EPSS
Exploits 7 · References 31

Positive Technologies
added 2026/01/01 12:00 a.m. · 3 views

PT-2026-28366

Name of the Vulnerable Software and Affected Versions: Dovecot versions prior to 2.4.3 Description: An attacker can send a crafted message before authentication, leading to excessive memory allocation within the managesieve component. This can cause the managesieve-login process to crash, potential...

8.2 CVSS · 5.9 AI score · 0.0079 EPSS
Exploits 7 · References 64

Positive Technologies
added 2022/05/17 12:00 a.m. · 6 views

PT-2022-17983 · Apache · Apache Shenyu

Name of the Vulnerable Software and Affected Versions: Apache ShenYu incubating versions 2.4.0 through 2.4.2 Description: The issue arises from the use of Pattern.matches in RegexPredicateJudge.java, where both parameters are controllable by the user. This allows an attacker to pass in malicious...

7.5 CVSS · 7.3 AI score · 0.02434 EPSS
Exploits 0 · References 7

Positive Technologies
added 2022/01/08 12:00 a.m. · 6 views

PT-2022-1362 · Expat +12 · Expat +12

Name of the Vulnerable Software and Affected Versions: Expat aka libexpat versions prior to 2.4.3 Description: The issue is related to an integer overflow in the addBinding function of the Expat library. This could allow a remote attacker to execute arbitrary code on the system by persuading a...

10 CVSS · 8.4 AI score · 0.34174 EPSS
Exploits 16 · References 313