Lucene search
K

7 matches found

OSV
OSV
added 2026/06/15 8:45 p.m.6 views

GHSA-C653-97M9-RCG9 Netty: Wrapping plain trust manager silently disables hostname verification

SimpleTrustManagerFactory.engineGetTrustManagers and related paths wrap any user-supplied plain X509TrustManager in X509TrustManagerWrapper, which extends X509ExtendedTrustManager but implements the 3-arg checkServerTrustedchain, authType, SSLEngine by discarding the SSLEngine and calling the 2-a...

7.5CVSS5.2AI score0.00269EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/06/08 11:0 p.m.44 views

PHPSpreadsheet has a patch bypass for CVE-2026-34084

Summary CVE-2026-34084 was patched by the helper File::prohibitWrappers. The helper calls parseurl$filename, PHPURLSCHEME and then checks isstring$scheme && strlen$scheme 1 to reject stream wrappers such as phar://, php://, data:// or expect://. The check is not equivalent to "does the path conta...

9.8CVSS5.7AI score0.00712EPSS
Exploits3References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/09/05 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-38275

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The cURL wrapper in Moodle retained the original request headers when following redirects, so HTTP authorization header information could be unintentionally sen...

7.5CVSS7.2AI score0.00445EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/04/14 11:7 p.m.6 views

CVE-2025-31490 AutoGPT allows SSRF due to DNS Rebinding in requests wrapper

AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to 0.6.1, AutoGPT allows SSRF due to DNS Rebinding in requests wrapper. AutoGPT is built with a wrapper around Python's requests library, hardenin...

7.5CVSS7AI score0.0044EPSS
Exploits1References2
OSV
OSV
added 2016/12/11 2:59 a.m.32 views

CVE-2016-9853

An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...

5.3CVSS7AI score
Exploits0References3
OSV
OSV
added 2016/12/11 2:59 a.m.5 views

ALPINE-CVE-2016-9852

An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...

5.3CVSS6.8AI score0.02157EPSS
Exploits0References1
OSV
OSV
added 2016/12/11 2:59 a.m.9 views

CVE-2016-9852

An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...

5.3CVSS9.4AI score
Exploits0References3
Rows per page
Query Builder