Lucene search
K

4 matches found

Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.14 views

PT-2026-52909

Name of the Vulnerable Software and Affected Versions RustFS version 1.0.0-beta.4 Description Authenticated users with PutObject permission on their own bucket can exploit a path traversal issue in the Snowball auto-extract feature to write arbitrary objects into buckets belonging to other users,...

8.6CVSS5.9AI score0.00273EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/04/02 1:54 p.m.15 views

keycloak: Keycloak: Information disclosure due to redirect_uri validation bypass

A flaw was found in Keycloak. This issue allows an attacker, who controls another path on the same web server, to bypass the allowed path in redirect Uniform Resource Identifiers URIs that use a wildcard. A successful attack may lead to the theft of an access token, resulting in information...

7.3CVSS5.8AI score0.0044EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-5556

Malware in sbrugna...

7.2CVSS7.4AI score0.01458EPSS
Exploits5References13
Hacker One
Hacker One
added 2024/03/26 2:53 p.m.71 views

Internet Bug Bounty: Improper handling of wildcards in --allow-fs-read and --allow-fs-write

The Node.js Permission Model was found to have improper handling of wildcards in the --allow-fs-read and --allow-fs-write options. The implementation silently ignored any text after a wildcard character, potentially granting unintended file system access. Additionally, when the wildcard character...

6.5CVSS5.9AI score0.00945EPSS
Exploits0
Rows per page
Query Builder