
13 matches found

ATTACKERKB
added 2026/04/15 10:26 p.m. · 5 views

CVE-2026-40179

Prometheus is an open-source monitoring system and time series database. Versions 3.0 through 3.5.1 and 3.6.0 through 3.11.1 have stored cross-site scripting vulnerabilities in multiple components of the Prometheus web UI where metric names and label values are injected into innerHTML without...

5.3 CVSS · 5.9 AI score · 0.0024 EPSS
Exploits: 0 · References: 4 · Affected Software: 1

vulnersOsv
added 2026/04/01 9:19 p.m. · 4 views

a-mailx (=0.1.0), a2a-acl (=0.0.15) +1217 more potentially affected by CVE-2026-34513 via aiohttp (>=3.0.0b0 <=3.13.3)

aiohttp PYPI version =3.0.0b0, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =72.0.0 and more Source cves: CVE-2026-34513 Source advisory: SNYK:PYTHON-AIOHTTP-15873737...

7.5 CVSS · 5.4 AI score · 0.0044 EPSS
Exploits: 0

vulnersOsv
added 2026/04/01 4:8 p.m. · 6 views

@adenta/cms (>=0.0.6 <=1.1.1-0), @anjy7/navbar-cms (=0.0.5) +25 more potentially affected by CVE-2026-34751 via @payloadcms/graphql (>=3.0.0-alpha.0 <=3.79.0)

@payloadcms/graphql NPM version =3.0.0-alpha.0, =0.0.6, =0.1.2, =1.0.2, =0.1.0, =3.0.0, =3.2.0, =0.2.0, =3.0.0-beta.10, =1.0.54, =1.0.1, =0.1.0, =0.1.1 and more Source cves: CVE-2026-34751 Source advisory: SNYK:JS-PAYLOADCMSGRAPHQL-15871107...

9.1 CVSS · 5.8 AI score · 0.00306 EPSS
Exploits: 0

OSV
added 2026/01/15 2:16 p.m. · 1 views

DEBIAN-CVE-2026-0897

Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service (DoS) through memory exhaustion and a crash of the Python interpreter via a crafted .keras archive...

7.5 CVSS · 6.6 AI score · 0.00299 EPSS
Exploits: 3 · References: 1

CNNVD
added 2026/01/15 12:0 a.m. · 4 views

Keras security vulnerabilities

Keras is an open-source deep learning framework with multiple backends. Versions 3.0.0 to 3.13.0 of Keras contain security vulnerabilities. These vulnerabilities stem from the HDF5 weight loading component, which allows unlimited or throttled resource allocation. This could allow remote attackers...

7.5 CVSS · 6.8 AI score · 0.00299 EPSS
Exploits: 3 · References: 2

CNNVD
added 2025/08/22 12:0 a.m. · 4 views

ZITADEL security vulnerability

ZITADEL is a modern open source alternative to Auth0, Firebase Auth, AWS Cognito, and Keycloak built for the container and serverless era from the Swiss ZITADEL open source. A security vulnerability exists in ZITADEL versions 4.0.0 through 4.0.2, 3.0.0 through 3.3.6, and versions prior to 2.71.15...

5.3 CVSS · 6.5 AI score · 0.0035 EPSS
Exploits: 0 · References: 8

CNNVD
added 2024/07/23 12:0 a.m. · 1 views

ABB Advant MOD 300 AdvaBuild security vulnerability

ABB Advant MOD 300 AdvaBuild is an industrial control system from ABB Switzerland. A security vulnerability exists in ABB Advant MOD 300 AdvaBuild versions 3.0 through 3.7 SP2, which originates from an attacker who can cause a denial-of-service attack by injecting garbage data or specially crafte...

7.8 CVSS · 6.7 AI score · 0.00127 EPSS
Exploits: 0 · References: 2

Positive Technologies
added 2024/07/23 12:0 a.m. · 2 views

PT-2024-10763 · Abb +1 · Advant Mod 300 Advabuild +1

Name of the Vulnerable Software and Affected Versions: Advant MOD 300 AdvaBuild versions 3.0 through 3.7 SP2 Description: An attacker could exploit the issue by injecting specially crafted data, potentially causing a denial-of-service attack through process crashes or communication issues on the...

7.8 CVSS · 6.6 AI score · 0.00127 EPSS
Exploits: 0 · References: 4

vulnersOsv
added 2023/08/03 6:30 p.m. · 9 views

org.craftercms:crafter-studio (>=3.0.0 <=3.1.27E) potentially affected by CVE-2023-4136 via org.craftercms:crafter-engine (>=3.0.0 <=3.1.27E)

org.craftercms:crafter-engine MAVEN version =3.0.0, =3.0.0, =3.1.27E Source cves: CVE-2023-4136 Source advisory: SNYK:JAVA-ORGCRAFTERCMS-8722255...

7.4 CVSS · 6.7 AI score · 0.01304 EPSS
Exploits: 2

Positive Technologies
added 2023/06/05 12:0 a.m. · 3 views

PT-2023-2999 · Unknown · Nexus Series +2

Name of the Vulnerable Software and Affected Versions: ASPECT-Enterprise versions 3.0;0 through 3.07.01 NEXUS Series versions 3.0;0 through 3.07.01 MATRIX Series versions 3.0;0 through 3.07.01 Description: The issue is related to improper privilege management, which can allow an attacker to...

9.8 CVSS · 7.6 AI score · 0.00374 EPSS
Exploits: 0 · References: 6

OSV
added 2022/10/19 12:0 p.m. · 11 views

GHSA-5QWQ-G2HX-R6F7 Hessian Lite for Apache Dubbo deserialization vulnerability

A deserialization vulnerability existed in dubbo hessian-lite 3.2.12 and its earlier versions, which could lead to malicious code execution. This issue affects Apache Dubbo 2.7.x version 2.7.17 and prior versions; Apache Dubbo 3.0.x version 3.0.11 and prior versions; Apache Dubbo 3.1.x version...

9.8 CVSS · 5.9 AI score · 0.02351 EPSS
Exploits: 0 · References: 7

ATTACKERKB
added 2022/03/22 10:15 p.m. · 3 views

CVE-2022-25518

In CMDBuild from version 3.0 to 3.3.2, payload requests are saved in a temporary log table, which allows attackers with database access to read the passwords of users who log in to the application by querying the database table...

6.5 CVSS · 5.4 AI score · 0.00741 EPSS
Exploits: 0 · References: 2

CNNVD
added 2022/02/15 12:0 a.m. · 4 views

VMware Cloud Foundation resource management error vulnerability

VMware Cloud Foundation is an all-in-one hybrid cloud platform from VMware. The platform includes features such as operations automation, infrastructure auto-configuration, and integrated lifecycle management. A resource management error vulnerability exists in VMware Cloud Foundation, whi...

7.5 CVSS · 7.6 AI score · 0.0228 EPSS
Exploits: 0 · References: 4