
12 matches found

Cvelist
added 2026/05/12 7:39 p.m. · 36 views

CVE-2026-44218 ciguard: Container image runs as root (no USER directive)

ciguard is a static security auditor for CI/CD pipelines. From 0.1.0 to 0.8.1, the published ghcr.io/jo-jo98/ciguard container image inherits the default root user because the Dockerfile lacks a USER directive. This vulnerability is fixed in 0.8.2...

CVSS 3 · EPSS 0.00122
Exploits 0 · References 1
NVD
added 2026/05/08 3:16 p.m. · 9 views

CVE-2026-38361

Multiple unauthenticated denial-of-service (DoS) issues in fohrloop dash-uploader v0.1.0 through v0.7.0a2. The chunked-upload handler (dashuploader/httprequesthandler.py, dashuploader/upload.py) trusts unsanitized, attacker-controlled upload parameters (e.g. flowTotalChunks) and does not enforce the...

CVSS 7.5 · EPSS 0.02643
Exploits 5 · References 11
Positive Technologies
added 2026/05/08 12:0 a.m. · 13 views

PT-2026-39009

Name of the Vulnerable Software and Affected Versions: fohrloop dash-uploader versions 0.1.0 through 0.7.0a2 Description: A remote attacker can execute arbitrary code through the Upload function and the max file size parameter within the dash uploader/httprequesthandler.py, dash uploader/upload.py,...

CVSS 7.8 · AI score 6.1 · EPSS 0.02643
Exploits 5 · References 17
vulnersOsv
added 2026/03/25 6:31 p.m. · 9 views

@aaquib/whatsasenanpm (=1.3.5), @alexandersen01/sharepoint-mcp-server-better (=0.3.23) +86 more potentially affected by CVE-2026-26832 via node-tesseract-ocr (>=0.1.0 <=2.2.1)

node-tesseract-ocr NPM version =0.1.0, =1.0.10, =0.0.1, =2.3.50, =2.0.0, =0.0.1, =0.0.2, =1.0.0, =0.0.1, =0.0.1, =0.0.4 and more Source cves: CVE-2026-26832 Source advisory: OSV:GHSA-8J44-735H-W4W2...

CVSS 9.8 · AI score 7.2 · EPSS 0.01706
Exploits 3
CNNVD
added 2026/03/03 12:0 a.m. · 7 views

LLM-Claw security vulnerability

LLM-Claw is an open-source AI agent framework developed by CLAW LLM. Versions 0.1.0, 0.1.1, 0.1.1a, and 0.1.1a-p1 of LLM-Claw contain security vulnerabilities. These vulnerabilities stem from a buffer overflow in the agentdeployinit function within the Agent Deployment component, which may lead t...

CVSS 9 · AI score 7.6 · EPSS 0.00663
Exploits 1 · References 3
Positive Technologies
added 2025/08/21 12:0 a.m. · 5 views

PT-2025-34225 · Vllm · Vllm

Name of the Vulnerable Software and Affected Versions: vLLM versions 0.1.0 through 0.10.1.0 Description: vLLM is an inference and serving engine for large language models (LLMs). A Denial of Service (DoS) vulnerability can be triggered by sending a single HTTP GET request with an extremely large head...

CVSS 7.5 · AI score 7.3 · EPSS 0.00527
Exploits 0 · References 11
CNVD
added 2025/08/15 12:0 a.m. · 5 views

OpenBao has an unspecified vulnerability (CNVD-2025-18600)

OpenBao is open-source software for managing sensitive data. A security vulnerability exists in OpenBao versions 0.1.0 through 2.3.1, which can be exploited by attackers to cause information leakage...

CVSS 3.7 · AI score 6.5 · EPSS 0.0018
Exploits 0 · References 1
CNVD
added 2025/08/15 12:0 a.m. · 3 views

OpenBao suffers from an unspecified vulnerability (CNVD-2025-18607)

OpenBao is open-source software for managing sensitive data. A security vulnerability exists in OpenBao versions 0.1.0 through 2.3.1; it stems from the TOTP key engine being able to accept a valid code multiple times. No details of the vulnerability are provided at this time...

CVSS 6.5 · AI score 7 · EPSS 0.00195
Exploits 0 · References 1
RedhatCVE
added 2025/08/11 2:30 a.m. · 9 views

CVE-2025-55000

OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 0.1.0 through 2.3.1, OpenBao's TOTP secrets engine could accept valid codes multiple times rather than strictly-once. This was caused by unexpected...

CVSS 6.5 · AI score 6.8 · EPSS 0.00195
Exploits 0 · References 1
Positive Technologies
added 2024/05/16 12:0 a.m. · 5 views

PT-2024-5048 · Unknown · Deepjavalibrary

Name of the Vulnerable Software and Affected Versions: DeepJavaLibrary (DJL) versions 0.1.0 through 0.27.0 Description: The issue is related to the incorrect restriction of the directory path name with limited access. This can allow a remote attacker to overwrite system files. The estimated number o...

CVSS 10 · AI score 6.7 · EPSS 0.00655
Exploits 0 · References 15
Positive Technologies
added 2022/06/15 12:0 a.m. · 3 views

PT-2022-11394 · Ariang · Ariang

Name of the Vulnerable Software and Affected Versions: AriaNg versions 0.1.0 through 1.2.2 Description: The issue is related to incorrect access control, where the system fails to authenticate visitors' access rights, potentially allowing unauthorized access. Recommendations: For versions 0.1.0...

CVSS 9.8 · AI score 9.2 · EPSS 0.00953
Exploits 1 · References 2
CNNVD
added 2021/06/10 12:0 a.m. · 5 views

expand-hash security vulnerability

expand-hash is a package. Attribute keys can be expanded recursively into objects using dot notation. A security vulnerability exists in expand-hash versions 0.1.0 through 1.0.1 that results in a denial of service and can lead to remote code execution...

CVSS 9.8 · AI score 8.7 · EPSS 0.03299
Exploits 1 · References 3