Lucene search
+L

9 matches found

RedhatCVE
RedhatCVE
added 2026/02/28 2:0 p.m.7 views

CVE-2026-2251

Improper limitation of a pathname to a restricted directory Path Traversal vulnerability in Xerox FreeFlow Core allows unauthorized path traversal leading to RCE. This issue affects Xerox FreeFlow Core versions up to and including 8.0.7. Please consider upgrading to FreeFlow Core version 8.1.0 vi...

9.8CVSS5.9AI score0.0039EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/27 9:30 a.m.6 views

EUVD-2026-9015

An XML External Entity XXE vulnerability allows malicious user to perform Server-Side Request Forgery SSRF via crafted XML input containing malicious external entity references. This issue affects Xerox FreeFlow Core versions up to and including 8.0.7. Please consider upgrading to FreeFlow Core...

7.5CVSS5.9AI score0.00265EPSS
Exploits0References2
OSV
OSV
added 2026/02/27 9:16 a.m.5 views

CVE-2026-2252

An XML External Entity XXE vulnerability allows malicious user to perform Server-Side Request Forgery SSRF via crafted XML input containing malicious external entity references. This issue affects Xerox FreeFlow Core versions up to and including 8.0.7. Please consider upgrading to FreeFlow Core...

7.5CVSS5.8AI score0.00265EPSS
Exploits0References1
OSV
OSV
added 2026/02/27 9:16 a.m.7 views

CVE-2026-2251

Improper limitation of a pathname to a restricted directory Path Traversal vulnerability in Xerox FreeFlow Core allows unauthorized path traversal leading to RCE. This issue affects Xerox FreeFlow Core versions up to and including 8.0.7. Please consider upgrading to FreeFlow Core version 8.1.0 vi...

9.8CVSS5.7AI score0.0039EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/09 6:43 p.m.8 views

Security Bulletin: IBM Storage Ceph is vulnerable to an Infinite Loop in Grafana (CVE-2024-24786)

Summary Grafana is used by IBM Storage Ceph as a metrics dashboard. CVE-2024-24786 This bulletin identifies the steps to take to address the vulnerability in Grafana. Vulnerability Details CVEID:CVE-2024-24786 DESCRIPTION: The protojson.Unmarshal function can enter an infinite loop when...

7.5CVSS8.9AI score0.01262EPSS
Exploits0Affected Software1
Packet Storm
Packet Storm
added 2025/05/06 12:0 a.m.84 views

📄 Grokability Snipe-IT 8.0.4 Insecure Direct Object Reference

Grokability Snipe-IT versions 8.0.4 and below suffer from an insecure direct object reference vulnerability. Exploit Title: Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference IDOR Google Dork: N/A Date: 2025-05-02 Exploit Author: Sn1p3r-H4ck3r Siripong Jintung Vendor Homepage:...

5CVSS6.3AI score0.01189EPSS
Exploits4
Positive Technologies
Positive Technologies
added 2024/07/26 12:0 a.m.6 views

PT-2024-5230 · Apache · Apache Traffic Server

Name of the Vulnerable Software and Affected Versions: Apache Traffic Server versions 8.0.0 through 8.1.10 Apache Traffic Server versions 9.0.0 through 9.2.4 Description: The issue arises from Apache Traffic Server forwarding malformed HTTP chunked trailer sections to origin servers, which can be...

9.1CVSS7.6AI score0.01085EPSS
Exploits0References29
Positive Technologies
Positive Technologies
added 2023/08/07 12:0 a.m.2 views

PT-2023-26996 · Unknown · Prestashop

Name of the Vulnerable Software and Affected Versions: PrestaShop versions prior to 8.1.1 Description: The issue allows files to be compromised using path traversal by replaying the import file deletion query with a specified file path that uses the traversal path in the back office. There are no...

9.1CVSS9.1AI score0.00723EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2023/04/28 12:0 a.m.5 views

PT-2023-16558 · Hypr · Hypr Workforce Access

Name of the Vulnerable Software and Affected Versions: HYPR Workforce Access versions 6.12 through 8.1 Description: The issue is related to an Incorrect Permission Assignment for Critical Resource vulnerability in HYPR Workforce Access on MacOS, allowing Privilege Escalation. Recommendations: For...

9.8CVSS9.4AI score0.00319EPSS
Exploits0References4
Rows per page
Query Builder