Lucene search
+L

11 matches found

NVD
NVD
added 2026/07/07 4:17 a.m.11 views

CVE-2026-42143

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, user-controlled persistent volume names are interpolated into shell commands executed on managed servers without escaping or validation, allowing an authenticated member to...

8.8CVSS0.00435EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/07 3:15 a.m.6 views

EUVD-2026-41993

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, user-controlled persistent volume names are interpolated into shell commands executed on managed servers without escaping or validation, allowing an authenticated member to...

8.8CVSS6AI score0.00435EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/07 3:15 a.m.29 views

CVE-2026-42143 Coolify: OS Command Injection via Persistent Volume Names - Root RCE on Managed Servers

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, user-controlled persistent volume names are interpolated into shell commands executed on managed servers without escaping or validation, allowing an authenticated member to...

8.8CVSS0.00435EPSS
Exploits0References3
OSV
OSV
added 2026/07/07 3:15 a.m.4 views

CVE-2026-42143 Coolify: OS Command Injection via Persistent Volume Names - Root RCE on Managed Servers

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, user-controlled persistent volume names are interpolated into shell commands executed on managed servers without escaping or validation, allowing an authenticated member to...

8.8CVSS6AI score0.00435EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/07 12:0 a.m.23 views

PT-2026-56137

Name of the Vulnerable Software and Affected Versions Coolify versions prior to 4.0.0-beta.471 Description Coolify is an open-source tool for managing servers, applications, and databases. An authenticated member can execute commands as root on managed servers by injecting shell metacharacters in...

8.8CVSS6AI score0.00435EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/21 1:27 p.m.9 views

EUVD-2026-38159

Craft CMS 4.x = 4.0.0-RC1, = 5.0.0-RC1, 5.9.0-beta.1 contain multiple stored cross-site scripting vulnerabilities where settings names and field option labels are rendered without sanitization e.g., via the checkbox.twig template, which used label|raw . An authenticated administrator with...

4.8CVSS5.9AI score0.00183EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:16 a.m.4 views

SUSE CVE-2015-5313

Directory traversal vulnerability in the virStorageBackendFileSystemVolCreate function in storage/storagebackendfs.c in libvirt, when fine-grained Access Control Lists ACL are in effect, allows local users with storagevol:create ACL but not domain:write permission to write to arbitrary files via ...

2.5CVSS6.7AI score0.00451EPSS
Exploits0References6
OSV
OSV
added 2021/03/04 9:15 p.m.4 views

CVE-2021-26988

Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P8 and 9.8 are susceptible to a vulnerability which could allow unauthorized tenant users to discover information related to converting a 7-Mode directory to Cluster-mode such as Storage Virtual Machine SVM names, volume names,...

3.5CVSS5.8AI score0.00384EPSS
Exploits0References1
Prion
Prion
added 2021/03/04 9:15 p.m.24 views

Code injection

Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P8 and 9.8 are susceptible to a vulnerability which could allow unauthorized tenant users to discover information related to converting a 7-Mode directory to Cluster-mode such as Storage Virtual Machine SVM names, volume names,...

2.7CVSS4.1AI score0.00384EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/03/04 9:15 p.m.3 views

CVE-2021-26988

Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P8 and 9.8 are susceptible to a vulnerability which could allow unauthorized tenant users to discover information related to converting a 7-Mode directory to Cluster-mode such as Storage Virtual Machine SVM names, volume names,...

3.5CVSS5AI score0.00384EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/03/04 8:44 p.m.42 views

CVE-2021-26988

Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P8 and 9.8 are susceptible to a vulnerability which could allow unauthorized tenant users to discover information related to converting a 7-Mode directory to Cluster-mode such as Storage Virtual Machine SVM names, volume names,...

4.4AI score0.00384EPSS
Exploits0References1
Rows per page
Query Builder