Lucene search
K

9 matches found

Vulnrichment
Vulnrichment
added 2026/06/02 7:8 p.m.9 views

CVE-2026-10584 HTTPS Fallback to HTTP in Graph Explorer

Proxy server in Graph Explorer before 3.0.1 falls back to HTTP when certificate files are missing, which might allow remote threat actors to obtain sensitive information via interception of requests intended to be sent over HTTPS. To remediate this issue, users should upgrade to Graph Explorer...

8.2CVSS5.8AI score0.00101EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/18 1:7 a.m.4 views

Arbitrary Argument Injection

Overview Affected versions of this package are vulnerable to Arbitrary Argument Injection via unsanitized volumeHandle and mounttargetip fields. An attacker can inject unauthorized mount options by supplying specially crafted values to these fields when creating a PersistentVolume, resulting in...

7.7CVSS5.9AI score0.00424EPSS
Exploits0References2
Snyk
Snyk
added 2024/11/07 9:57 p.m.8 views

Privilege Context Switching Error

Overview Duende.AccessTokenManagement.OpenIdConnect is a .NET library that manages OpenId Connect access tokens in ASP.NET Core applications. Affected versions of this package are vulnerable to Privilege Context Switching Error due to the improper handling of token refresh in pooled HttpClient...

5.4CVSS7AI score0.00221EPSS
Exploits0References2
Snyk
Snyk
added 2024/10/29 2:45 p.m.6 views

Time-of-check Time-of-use (TOCTOU) Race Condition

Overview waitress is a production-quality pure-Python WSGI server with very acceptable performance. Affected versions of this package are vulnerable to Time-of-check Time-of-use TOCTOU Race Condition in HTTP pipelining when handling an invalid initial request. An attacker can exploit this...

9.3CVSS6.9AI score0.00496EPSS
Exploits0References2
Snyk
Snyk
added 2024/10/29 2:33 p.m.7 views

Missing Release of Resource after Effective Lifetime

Overview waitress is a production-quality pure-Python WSGI server with very acceptable performance. Affected versions of this package are vulnerable to Missing Release of Resource after Effective Lifetime due to the improper handling of socket connections when a remote client prematurely closes t...

8.7CVSS6.9AI score0.01386EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/09/11 12:0 a.m.7 views

PT-2023-9786

Name of the Vulnerable Software and Affected Versions: Waitress versions prior to 3.0.1 Description: The issue is related to the getpeername function in the Waitress WSGI server for Python. When a remote client closes the connection before Waitress has the opportunity to call getpeername, it fail...

9.1CVSS6.5AI score0.01386EPSS
Exploits0References57
Snyk
Snyk
added 2022/11/28 6:2 a.m.3 views

Creation of Temporary File in Directory with Insecure Permissions

Overview com.github.samtools:htsjdk is a Java API for high-throughput sequencing data HTS formats Affected versions of this package are vulnerable to Creation of Temporary File in Directory with Insecure Permissions. due to the createTempDir function in util/IOUtil.java not checking for the...

7.8CVSS6.8AI score0.00699EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2021/01/16 12:0 a.m.10 views

PT-2021-4596 · Openexr +4 · Openexr +4

Name of the Vulnerable Software and Affected Versions: OpenEXR versions prior to 3.0.1 Description: The issue is related to an integer overflow leading to a heap-buffer overflow in the DwaCompressor component of OpenEXR. This flaw can be exploited by an attacker to crash an application compiled...

8.8CVSS6.1AI score0.02291EPSS
Exploits5References134
Positive Technologies
Positive Technologies
added 2021/01/08 12:0 a.m.9 views

PT-2021-4553 · Openexr +4 · Openexr +4

Name of the Vulnerable Software and Affected Versions: OpenEXR versions prior to 3.0.1 Description: The issue is related to an integer overflow leading to a heap-buffer overflow in the DwaCompressor component of OpenEXR. This flaw can be exploited by an attacker to cause a denial of service,...

8.8CVSS6.2AI score0.02291EPSS
Exploits5References133
Rows per page
Query Builder