Lucene search
K

7 matches found

Vulnrichment
Vulnrichment
added 2026/05/07 3:49 a.m.8 views

CVE-2026-40982

Spring Cloud Config allows applications to serve arbitrary text and binary files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead to a directory traversal attack. Spring Cloud Config 3.1.x: affected from...

9.1CVSS5.9AI score0.00727EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/21 12:50 a.m.5 views

CVE-2026-39386

Neko is a a self-hosted virtual browser that runs in Docker and uses WebRTC In versions 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1, any authenticated user can immediately obtain full administrative control of the entire Neko instance member management, room settings, broadcast control, session...

8.8CVSS5.7AI score0.00437EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2024/01/23 12:0 a.m.5 views

PT-2024-19700 · Unknown · A-Blog Cms

Name of the Vulnerable Software and Affected Versions: a-blog cms versions prior to 2.9.1 a-blog cms versions 2.9.0 and earlier a-blog cms versions 2.10.x through 2.10.49 a-blog cms versions 2.11.x through 2.11.57 a-blog cms versions 3.0.x through 3.0.28 a-blog cms versions 3.1.x through 3.1.6...

8.1CVSS7.8AI score0.00749EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/09/20 12:0 a.m.5 views

Netatalk Security Vulnerabilities

Netatalk is open source software that provides AFP file server functionality for Classic Mac OS and macOS on Unix-like OS. A security vulnerability exists in Netatalk version 3.1.x through versions prior to 3.1.17. An attacker can exploit the vulnerability to remotely execute code...

9.8CVSS6.9AI score0.01793EPSS
Exploits0References9
OSV
OSV
added 2022/09/20 7:15 a.m.3 views

DEBIAN-CVE-2022-39956

The OWASP ModSecurity Core Rule Set CRS is affected by a partial rule set bypass for HTTP multipart requests by submitting a payload that uses a character encoding scheme via the Content-Type or the deprecated Content-Transfer-Encoding multipart MIME header fields that will not be decoded and...

9.8CVSS7.6AI score0.00952EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/05/17 12:0 a.m.17 views

Smarty 代码注入漏洞

Smarty is a PHP-based template engine that helps to separate the representation HTML/CSS from the application logic. A code injection vulnerability exists in Smarty versions 3.1.x prior to 3.1.45 and 4.1.x prior to 4.1.1, which can be exploited by a remote attacker to send a specially crafted...

8.8CVSS7.2AI score0.0454EPSS
Exploits1References15
ATTACKERKB
ATTACKERKB
added 2013/02/08 8:55 p.m.1 views

CVE-2013-0189

cachemgr.cgi in Squid 3.1.x and 3.2.x, possibly 3.1.22, 3.2.4, and other versions, allows remote attackers to cause a denial of service resource consumption via a crafted request. NOTE: this issue is due to an incorrect fix for CVE-2012-5643, possibly involving an incorrect order of arguments or...

5CVSS5.7AI score0.23026EPSS
Exploits1References19
Rows per page
Query Builder