Lucene search
K

13 matches found

NVD
NVD
added 5 days ago6 views

CVE-2026-50136

Budibase is an open-source low-code platform. Prior to 3.39.3, the application server exposes an unauthenticated endpoint that generates S3 PutObject presigned URLs using credentials stored in a workspace datasource. The route is protected only by the recaptcha middleware and does not require...

7.4CVSS0.00326EPSS
Exploits1References1
Snyk
Snyk
added 2026/06/22 11:19 p.m.4 views

Missing Authorization

Overview @budibase/server is a Budibase Web Server Affected versions of this package are vulnerable to Missing Authorization via the getSignedUploadURL process. An attacker can gain unauthorized access to generate AWS S3 pre-signed PUT URLs using stored IAM credentials by sending unauthenticated...

9.4CVSS5.9AI score0.00341EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/06/04 12:0 a.m.10 views

CVE-2026-36176

GNCC GP5 v7.1.76 was discovered to store pre-signed Backblaze B2 upload URLs PUT requests in plaintext to the serial console. This allows physically-proximate attackers to extract these active tokens to perform unauthorized operations via monitoring the serial UART interface...

5.8AI score0.00103EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/04 12:0 a.m.9 views

EUVD-2026-34279

GNCC GP5 v7.1.76 was discovered to store pre-signed Backblaze B2 upload URLs PUT requests in plaintext to the serial console. This allows physically-proximate attackers to extract these active tokens to perform unauthorized operations via monitoring the serial UART interface...

7.1CVSS5.8AI score0.00103EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/28 7:30 p.m.4 views

CVE-2025-69218 Discourse moderators can access admin-only reports exposing private upload URLs

Discourse is an open source discussion platform. In versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0, moderators can access the topuploads admin report which should be restricted to admins only. This report displays direct URLs to all uploaded files on the site, including sensitive...

7.1CVSS5.9AI score0.00201EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:36 p.m.8 views

CVE-2023-49099

Discourse is a platform for community discussion. Under very specific circumstances, secure upload URLs associated with posts can be accessed by guest users even when login is required. This vulnerability has been patched in 3.2.0.beta4 and 3.1.4...

4.3CVSS6.8AI score0.00321EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-53108

Malicious code in bioql PyPI...

4.3CVSS4.8AI score0.00321EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2022-38138

Malicious code in bioql PyPI...

4.3CVSS4.8AI score0.00597EPSS
Exploits1References1
Prion
Prion
added 2024/01/12 9:15 p.m.23 views

Design/Logic Flaw

Discourse is a platform for community discussion. Under very specific circumstances, secure upload URLs associated with posts can be accessed by guest users even when login is required. This vulnerability has been patched in 3.2.0.beta4 and 3.1.4...

4.3CVSS7.1AI score0.00321EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/09/23 7:15 p.m.12 views

CVE-2022-35246

A NoSQL-Injection information disclosure vulnerability vulnerability exists in Rocket.Chat v5, v4.8.2 and v4.7.5 in the getS3FileUrl Meteor server method that can disclose arbitrary file upload URLs to users that should not be able to access...

4.3CVSS6.5AI score
Exploits0References1
Prion
Prion
added 2022/09/23 7:15 p.m.17 views

Information disclosure

A NoSQL-Injection information disclosure vulnerability vulnerability exists in Rocket.Chat v5, v4.8.2 and v4.7.5 in the getS3FileUrl Meteor server method that can disclose arbitrary file upload URLs to users that should not be able to access...

4CVSS4.6AI score0.00597EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/09/23 6:28 p.m.3 views

CVE-2022-35246

A NoSQL-Injection information disclosure vulnerability vulnerability exists in Rocket.Chat v5, v4.8.2 and v4.7.5 in the getS3FileUrl Meteor server method that can disclose arbitrary file upload URLs to users that should not be able to access...

4.5AI score0.00597EPSS
Exploits1References1
Hacker One
Hacker One
added 2022/01/22 1:23 p.m.23 views

Rocket.Chat: NoSQL-Injection discloses S3 File Upload URLs

Summary A NoSQL-Injection vulnerability in the getS3FileUrl Meteor server method can disclose arbitrary file upload URLs to users that should not be able to access. Description The fileId argument of the getS3FileUrl Meteor server method is not validated and can contain a regular expression. The...

4CVSS2AI score0.00597EPSS
Exploits1
Rows per page
Query Builder