
11 matches found

Github Security Blog
added 2026/05/06 11:15 p.m., 7 views

axonflow-sdk-go: Webhook signing-key (HMAC-SHA256) not exposed by SDK type, preventing signature verification

Summary: The AxonFlow SDK's WebhookSubscription or equivalent type did not expose the HMAC-SHA256 signing key returned by the platform's CreateWebhook endpoint. Without access to the secret through the typed SDK API, callers had no path to verify the X-AxonFlow-Signature header on incoming webhook...

5.8 AI score
Exploits: 0, References: 2, Affected Software: 1
Tenable Nessus
added 2026/01/16 12:0 a.m., 5 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004637)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004637 advisory. In the Linux kernel 5.5.0 and newer, the bpf verifier kernel/bpf/verifier.c did not properly restrict the register bounds for 32-bit operations, leading to...

7.8 CVSS, 7 AI score, 0.0606 EPSS
Exploits: 9, References: 15
CBLMariner
added 2025/10/28 9:13 p.m., 3 views

CVE-2024-9676 affecting package podman for versions less than 5.6.1-2

CVE-2024-9676 affecting package podman for versions less than 5.6.1-2. An upgraded version of the package is available that resolves this issue...

6.5 CVSS, 6.9 AI score, 0.01345 EPSS
Exploits: 0
RedhatCVE
added 2025/08/30 6:19 p.m., 5 views

CVE-2025-57758

Contao is an Open Source CMS. In versions starting from 5.0.0 and prior to 5.3.38 and 5.6.1, the table access voter in the back end doesn't check if a user is allowed to access the corresponding module. This issue has been patched in versions 5.3.38 and 5.6.1. A workaround involves not relying...

4.3 CVSS, 6.5 AI score, 0.00225 EPSS
Exploits: 0, References: 1
RedhatCVE
added 2025/05/23 3:18 a.m., 7 views

CVE-2023-28121

An issue in WooCommerce Payments plugin for WordPress versions 5.6.1 and lower allows an unauthenticated attacker to send requests on behalf of an elevated user, like administrator. This allows a remote, unauthenticated attacker to gain admin access on a site that has the affected version of the...

9.8 CVSS, 7.1 AI score, 0.86919 EPSS
Exploits: 9, References: 1
NVD
added 2024/05/30 6:15 p.m., 21 views

CVE-2024-2422

LenelS2 NetBox access control and event monitoring system was discovered to contain an authenticated RCE in versions prior to and including 5.6.1, which allows an attacker to execute malicious commands...

9.3 CVSS, 7.1 AI score, 0.00519 EPSS
Exploits: 0, References: 2
Vulnrichment
added 2024/05/30 5:26 p.m., 18 views

CVE-2024-2422 LenelS2 NetBox Improper Neutralization of Argumented Delimiters

LenelS2 NetBox access control and event monitoring system was discovered to contain an authenticated RCE in versions prior to and including 5.6.1, which allows an attacker to execute malicious commands...

9.3 CVSS, 7.4 AI score, 0.00519 EPSS
Exploits: 0, References: 2
OSV
added 2024/05/22 3:15 p.m., 4 views

CVE-2024-3926

The Element Pack Elementor Addons Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the customattributes value in widgets in all versions up to, and including, 5.6.1 due to insufficient input sanitization...

5.4 CVSS, 6 AI score, 0.00324 EPSS
Exploits: 0, References: 3
CNVD
added 2016/08/10 12:0 a.m., 1 views

Adobe Experience Manager Cross-Site Scripting Vulnerability (CNVD-2016-06214)

Adobe Experience Manager is an enterprise content management solution that helps you streamline the management and delivery of your content and assets. A cross-site scripting vulnerability exists in Adobe Experience Manager 5.6.1, 6.0, 6.1, which can be exploited by remote attackers to inject...

6.1 CVSS, 6.1 AI score, 0.01734 EPSS
Exploits: 0, References: 1
CNVD
added 2016/08/10 12:0 a.m., 3 views

Adobe Experience Manager Cross-Site Scripting Vulnerability (CNVD-2016-06216)

Adobe Experience Manager is an enterprise content management solution that helps you streamline the management and delivery of your content and assets. A cross-site scripting vulnerability exists in Adobe Experience Manager 5.6.1, 6.0, 6.1, and 6.2, which can be exploited by remote attackers to...

6.1 CVSS, 6.1 AI score, 0.01734 EPSS
Exploits: 0, References: 1
OpenVAS
added 2016/02/11 12:0 a.m., 156 views

Adobe Experience Manager (AEM) Multiple Vulnerabilities (APSB16-05) - Active Check

Adobe Experience Manager AEM is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.8 CVSS, 7.5 AI score, 0.5071 EPSS
Exploits: 6, References: 4