Lucene search
K

21 matches found

Cvelist
Cvelist
added 2026/06/19 1:17 p.m.31 views

CVE-2026-47341 Apache APISIX: Session replay issue in hmac-auth

Authentication Bypass by Capture-replay vulnerability in Apache APISIX. Attacker can benefit from certain configurations in hmac-auth to re-use a token forever, bypassing expiry. This issue affects Apache APISIX: from 3.11.0 through 3.16.0. Users are recommended to upgrade to version 3.17.0, whic...

6.3CVSS0.0043EPSS
Exploits0References1
NVD
NVD
added 2026/06/11 2:16 p.m.16 views

CVE-2026-6338

A HTTP request smuggling and desynchronization vulnerability affects Kong Gateway Enterprise 3.4, 3.10, 3.11, 3.12, 3.13, and 3.14 series. The vulnerability is caused by a parsing flaw in Kong’s HTTP request processing pipeline when handling untrusted HTTP/1.1 traffic...

7CVSS0.00253EPSS
Exploits0References1
CVE
CVE
added 2026/04/24 5:10 p.m.36 views

CVE-2026-41140

CVE-2026-41140 affects Poetry (Python dependency manager). The vulnerability is in extractall(), src/poetry/utils/helpers.py:410-426, which allowed tarball extraction without path traversal protection on Python versions where tarfile.data_filter is unavailable. Affected supported Poetry/Python ra...

8.7CVSS5.3AI score0.00294EPSS
Exploits0References5
Snyk
Snyk
added 2026/04/22 2:35 p.m.7 views

Directory Traversal

Overview poetry is a Python dependency management and packaging made easy. Affected versions of this package are vulnerable to Directory Traversal via the extractall function in src/poetry/utils/helpers.py that extracts sdist tarballs without path traversal protection on Python versions where...

8.7CVSS6.4AI score0.00294EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414645)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414645 advisory. An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant references provided by...

7.8CVSS6.5AI score0.00348EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/06 2:24 a.m.15 views

CVE-2025-22153

RestrictedPython is a tool that helps to define a subset of the Python language which allows to provide a program input into a trusted environment. Via a type confusion bug in versions of the CPython interpreter starting in 3.11 and prior to 3.13.2 when using try/except, RestrictedPython starting...

7.9CVSS6.4AI score0.00388EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/08/23 12:0 a.m.3 views

Python 代码问题漏洞

Python is an open source, object-oriented programming language from the Python Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. A security vulnerability exists in Python versions 3.11 through 3.11.4, which stems from the presence of unexpecte...

7.5CVSS8AI score0.02187EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2023/06/22 9:15 p.m.4 views

CVE-2023-35131

Content on the groups page required additional sanitizing to prevent an XSS risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8 and 3.11 to 3.11.14...

6.1CVSS5.8AI score0.00677EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2022/09/17 12:0 a.m.3 views

PT-2022-34298 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v3.11 through v5.4.210 Description: A potential buffer overflow issue exists in the ni set mc special registers function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...

7.8AI score
Exploits0References1
CNNVD
CNNVD
added 2022/08/30 12:0 a.m.5 views

Moodle 跨站请求伪造漏洞

Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. A cross-site request forgery vulnerability exists in Moodle H5P libraries versions 4.0 through 4.0.2 and 3.11 through 3.11.8, which...

8.8CVSS5.5AI score0.00386EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2022/02/09 1:1 a.m.4 views

com.impetus.kundera.client:kundera-cassandra (>=3.11 <=3.13), com.impetus.kundera.client:kundera-cassandra-ds-driver (>=3.11 <=3.13) +26 more potentially affected by CVE-2020-17516 via org.apache.cassandra:cassandra-all (>=3.11.0 <=3.11.1)

org.apache.cassandra:cassandra-all MAVEN version =3.11.0, =3.11, =3.11, =3.11, =0.3.3, =0.4.0, =3.11.0.0, =2.3, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.1 and more Source cves: CVE-2020-17516 Source advisory: OSV:GHSA-2VXM-VP4C-FJFW...

7.5CVSS7.1AI score0.01931EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/01/25 8:15 p.m.13 views

CVE-2022-0332

A flaw was found in Moodle in versions 3.11 to 3.11.4. An SQL injection risk was identified in the h5p activity web service responsible for fetching user attempt data...

9.8CVSS6.4AI score0.44918EPSS
Exploits4References3
OSV
OSV
added 2022/01/25 8:15 p.m.3 views

UBUNTU-CVE-2022-0333

A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The calendar:manageentries capability allowed managers to access or modify any calendar event, but should have been restricted from accessing user level events...

3.8CVSS7.2AI score0.00572EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/01/25 12:0 a.m.10 views

PT-2022-13111 · Moodle +1 · Moodle +1

Name of the Vulnerable Software and Affected Versions: Moodle versions 3.11 to 3.11.4 Moodle versions 3.10 to 3.10.8 Moodle versions 3.9 to 3.9.11 Moodle versions earlier than 3.9 Description: A flaw was found in the calendar:manageentries capability, which allowed managers to access or modify an...

9.8CVSS6.3AI score0.52299EPSS
Exploits22References106
ATTACKERKB
ATTACKERKB
added 2021/11/22 4:15 p.m.2 views

CVE-2021-43560

A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. Insufficient capability checks made it possible to fetch other users' calendar action events...

5.3CVSS6.7AI score0.00973EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2021/11/22 4:15 p.m.1 views

CVE-2021-3943

A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. A remote code execution risk when restoring backup files was identified...

9.8CVSS7.8AI score0.02383EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2021/11/16 12:0 a.m.19 views

PT-2021-5354 · Moodle +1 · Moodle +1

Name of the Vulnerable Software and Affected Versions: Moodle versions 3.11 to 3.11.3 Moodle versions 3.10 to 3.10.7 Moodle versions 3.9 to 3.9.10 Moodle versions earlier than 3.9 Description: The issue is related to errors in code generation management, allowing a remote attacker to execute...

9.8CVSS6.8AI score0.02383EPSS
Exploits0References30
Positive Technologies
Positive Technologies
added 2021/11/16 12:0 a.m.11 views

PT-2021-5355 · Moodle +1 · Moodle +1

Name of the Vulnerable Software and Affected Versions: Moodle versions 3.11 to 3.11.3 Moodle versions 3.10 to 3.10.7 Moodle versions 3.9 to 3.9.10 Moodle versions prior to 3.9 Description: A flaw was found in Moodle due to insufficient capability checks, making it possible to fetch other users'...

9.8CVSS5.9AI score0.52299EPSS
Exploits18References106
ATTACKERKB
ATTACKERKB
added 2021/04/06 7:15 p.m.6 views

CVE-2021-28688

The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of cleanup would result in...

6.5CVSS5.5AI score0.00332EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2021/02/16 12:0 a.m.7 views

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel 3.11 through 5.10.16, which stems from insufficient internal status updates that prevent incorrect security recovery...

7.8CVSS6.7AI score0.00348EPSS
Exploits0References21
Rows per page
Query Builder