Lucene search
K

592 matches found

Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.11 views

PT-2026-44550

Impact A path traversal vulnerability in shame next allows an attacker-controlled shamefile.yaml to disclose contents of files outside the repository, one line at a time, to the terminal of a user who runs the command. See patch commit for technical details. Patches Fixed in 0.1.7. Upgrade to...

5.5CVSS5.8AI score0.00013EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/05/27 12:38 a.m.16 views

@hapi/wreck leaks sensitive `Proxy-Authorization` header across cross-hostname redirects

Impact When @hapi/wreck follows a 3xx redirect to a different hostname, only the Authorization and Cookie headers are stripped. The standard credential header Proxy-Authorization is forwarded intact to the redirect target, potentially exposing forward-proxy credentials to a host outside the...

4.3CVSS6.8AI score0.00734EPSS
Exploits0References4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/21 3:21 p.m.13 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a denial of service in Pillow [CVE-2026-40192]

Summary IBM Watson Speech Services Cartridge is vulnerable to a denial of service in Pillow, due to a failure to limit the amount of GZIP-compressed data read when decoding a FITS image, making them vulnerable to decompression bomb attack CVE-2026-40192. Pillow is used in our speech runtimes. Thi...

8.7CVSS7AI score0.00671EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/05/19 3:21 p.m.6 views

GHSA-M7CR-M3PV-HGRP go-git: Improper single-quote escaping in go-git SSH transport

Impact go-git's SSH transport constructs the remote exec command by wrapping the repository path in single quotes without escaping single quotes embedded inside the path. This diverges from canonical Git, which shell-quotes the path through sqquotebuf so that an embedded ' becomes the '''...

2.3CVSS5.9AI score0.00365EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/15 2:10 p.m.11 views

Security Bulletin: A vulnerability in package Lodash affects IBM® Db2® Big SQL on IBM Cloud Pak for Data.

Summary A vulnerability in OpenSSL affects IBM® Db2® Big SQL 8 and earlier on IBM Cloud Pak for Data 5.3.1 and earlier. Vulnerability Details CVEID:CVE-2025-13465 DESCRIPTION: Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the .unset and .omit functions. An attacke...

8.2CVSS6.6AI score0.01535EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/05/11 5:39 a.m.12 views

BIT-GDAL-2026-8086 OSGeo gdal SWapi.c SWnentries heap-based overflow

A vulnerability was identified in OSGeo gdal up to 3.13.0. This issue affects the function SWnentries of the file frmts/hdf4/hdf-eos/SWapi.c. Such manipulation of the argument DimensionName leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly...

7.8CVSS6.1AI score0.00237EPSS
Exploits1References10
OSV
OSV
added 2026/05/07 8:16 p.m.11 views

UBUNTU-CVE-2026-8087

A security flaw has been discovered in OSGeo gdal up to 3.13.0dev-4. Impacted is the function GDnentries of the file frmts/hdf4/hdf-eos/GDapi.c. Performing a manipulation of the argument DataFieldName results in heap-based buffer overflow. The attack must be initiated from a local position. The...

7.8CVSS5.9AI score0.00223EPSS
Exploits1References11
Github Security Blog
Github Security Blog
added 2026/05/06 11:14 p.m.6 views

axonflow-sdk-python: Webhook signing-key (HMAC-SHA256) not exposed by SDK type, preventing signature verification

Summary The AxonFlow SDK's WebhookSubscription or equivalent type did not expose the HMAC-SHA256 signing key returned by the platform's CreateWebhook endpoint. Without access to the secret through the typed SDK API, callers had no path to verify the X-AxonFlow-Signature header on incoming webhook...

5.8AI score
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.11 views

PT-2026-37244

Name of the Vulnerable Software and Affected Versions JupyterHub versions 4.1.0 through 5.4.4 Description XSRF protection inappropriately treated requests containing the Sec-Fetch-Mode: no-cors header as same-origin requests, allowing the bypass of XSRF checks. This affects HTTP form endpoints,...

5.4CVSS5.8AI score0.00159EPSS
Exploits1References15
CVE
CVE
added 2026/04/27 3:15 p.m.19 views

CVE-2026-7135

GPAC MP4Box contains a local-out-of-bounds read in the function elng_box_read (src/isomedia/box_code_base.c). Affected version range is GPAC up to 26.03-DEV-rev105-g8f39a1eb3-master. The vulnerability is triggered by manipulating the elng argument and may enable an attacker to leverage a local ex...

5.3CVSS5.3AI score0.00113EPSS
Exploits0References7
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/23 6:51 a.m.3 views

Security Bulletin: Due to use of spring-security-web-6.5.8.jar, IBM Sterling Connect:Direct Web Services is affected by missing HTTP header in response issue.

Summary spring-security-web-6.5.8.jar is used by IBM Sterling Connect:Direct Web Services CVE-2026-22732. Vulnerability Details CVEID:CVE-2026-22732 DESCRIPTION: When applications specify HTTP response headers for servlet applications using Spring Security, there is the possibility that the HTTP...

9.1CVSS5.7AI score0.0048EPSS
Exploits2Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/18 1:14 a.m.10 views

Zebra has rk Identity Point Panic in Transaction Verification

rk Identity Point Panic in Transaction Verification Summary Orchard transactions contain a rk field which is a randomized validating key and also an elliptic curve point. The Zcash specification allows the field to be the identity a "zero" value, however, the orchard crate which is used to verify...

9.2CVSS5.7AI score0.00268EPSS
Exploits0References3Affected Software2
EUVD
EUVD
added 2026/04/16 1:3 a.m.5 views

EUVD-2026-22881

@fastify/express has a middleware authentication bypass via URL normalization gaps duplicate slashes and semicolons...

9.1CVSS5.8AI score0.00483EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/04/15 9:29 a.m.29 views

CVE-2026-33808 @fastify/express vulnerable to middleware authentication bypass via URL normalization gaps (duplicate slashes and semicolons)

Impact@fastify/express v4.0.4 and earlier fails to normalize URLs before passing them to Express middleware when Fastify router normalization options are enabled. This allows complete bypass of path-scoped authentication middleware via duplicate slashes when ignoreDuplicateSlashes is enabled, or...

9.1CVSS0.00483EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.4 views

PT-2026-32055

Name of the Vulnerable Software and Affected Versions pypdf versions prior to 6.10.0 Description Manipulated XMP metadata entity declarations can exhaust RAM. An attacker can craft a PDF that leads to large memory usage when the XMP metadata is parsed. Recommendations Update to version 6.10.0. As...

6.9CVSS5.7AI score0.00423EPSS
Exploits0References20
NVD
NVD
added 2026/04/06 10:16 p.m.5 views

CVE-2026-5708

Unsanitized control of user-modifiable attributes in the session creation component in AWS Research and Engineering Studio RES prior to version 2026.03 could allow an authenticated remote user to escalate privileges, assume the virtual desktop host instance profile permissions, and interact with...

8.8CVSS0.00841EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.4 views

PT-2026-30761

Name of the Vulnerable Software and Affected Versions Strawberry GraphQL versions through 0.312.3 Description Strawberry GraphQL is susceptible to an authentication bypass on WebSocket subscription endpoints. The legacy graphql-ws subprotocol handler does not verify completion of a connection ini...

7.5CVSS5.2AI score0.00424EPSS
Exploits0References11
Github Security Blog
Github Security Blog
added 2026/04/03 9:35 p.m.7 views

Auth0OAuthenticator has an Authentication Bypass via Unverified Email Claims

Summary An authentication bypass vulnerability in oauthenticator allows an attacker with an unverified email address on an Auth0 tenant to login to JupyterHub. When email is used as the usrnameclaim, this gives users control over their username and the possibility of account takeover. Impact This...

8.8CVSS5.9AI score0.00438EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 9:25 p.m.6 views

Payload has Authenticated SSRF via Upload Functionality

Impact An authenticated Server-Side Request Forgery SSRF vulnerability existed in the upload functionality. Authenticated users with create or update access to an upload-enabled collection could cause the server to make outbound HTTP requests to arbitrary URLs. Consumers are affected if ALL of...

7.7CVSS5.9AI score0.00296EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/04/01 9:24 p.m.2 views

GHSA-MMXC-95CH-2J7C @payloadcms/next has Stored XSS in Admin Panel

Impact A stored Cross-site Scripting XSS vulnerability existed in the admin panel. An authenticated user with write access to a collection could save content that, when viewed by another user, would execute in their browser. Consumers are affected if ALL of these are true: - Payload version v3.78...

8.7CVSS5.9AI score0.00286EPSS
Exploits0References3
Rows per page
Query Builder