Lucene search
K

5 matches found

Vulnrichment
Vulnrichment
added 2026/02/19 7:23 p.m.5 views

CVE-2026-26202 Penpot has Arbitrary File Read via create-font-variant RPC endpoint

Penpot is an open-source design tool for design and code collaboration. Prior to version 2.13.2, an authenticated user can read arbitrary files from the server by supplying a local file path e.g. /etc/passwd as a font data chunk in the create-font-variant RPC endpoint, resulting in the file...

7.5CVSS5.7AI score0.00437EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/02/11 6:0 a.m.3 views

CVE-2025-15400 OpenPix <= 2.13.3 - Subscriber+ Payment Gateway Settings Reset

The OpenPix for WooCommerce WordPress plugin through 2.13.3 allows any authenticated user to trigger AJAX actions that reset payment gateway configuration options without capability or nonce checks. This permits any authenticated users, such as subscribers to clear API credentials and webhook...

5.9AI score0.00307EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/31 12:0 a.m.6 views

Scrapy 资源管理错误漏洞

Scrapy is a free and open source web crawler framework written in Python by Scrapy Open Source. A resource management error vulnerability exists in Scrapy 2.13.2 and earlier versions, which stems from a flaw in the brotli decompression implementation that could lead to a denial of service attack...

7.5CVSS7.1AI score0.00509EPSS
Exploits0References1
NVD
NVD
added 2025/03/20 10:15 a.m.26 views

CVE-2024-6838

In mlflow/mlflow version v2.13.2, a vulnerability exists that allows the creation or renaming of an experiment with a large number of integers in its name due to the lack of a limit on the experiment name. This can cause the MLflow UI panel to become unresponsive, leading to a potential denial of...

5.3CVSS0.00615EPSS
Exploits1References1
OSV
OSV
added 2022/05/12 5:15 p.m.3 views

CVE-2021-0194

Improper access control in the IntelR In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enable escalation of privilege via network access...

7.2CVSS7.1AI score0.00895EPSS
Exploits0References1
Rows per page
Query Builder