Lucene search
+L

5 matches found

OSV
OSV
added 2 days ago4 views

CVE-2026-61835 Directus: SSRF Protection Bypass via 0.0.0.0 in File Import

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 12.0.0, the SSRF protection on Directus's file-import-from-URL feature can be bypassed using the address 0.0.0.0 because api/src/request/is-denied-ip.ts treats 0.0.0.0 as a keyword for local interfaces but...

7.7CVSS6.1AI score0.0025EPSS
Exploits0References6
Patchstack
Patchstack
added 2026/03/02 11:27 p.m.10 views

WordPress Uncanny Automator - Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin <= 7.0.0.3 - Authenticated (Administrator+) Server-Side Request Forgery to Arbitrary File Upload vulnerability

WordPress Uncanny Automator - Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin = 7.0.0.3 - Authenticated Administrator+ Server-Side Request Forgery to Arbitrary File Upload vulnerability discovered by lucsob in WordPress Plugin Uncanny Automator versions = 7.0.0.3...

7.2CVSS5.9AI score0.00655EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/07/28 12:0 a.m.8 views

BeyondTrust Privilege Management for Windows 安全漏洞

BeyondTrust Privilege Management for Windows is a software for restricting user privileges by BeyondTrust USA. A security vulnerability exists in BeyondTrust Privilege Management for Windows prior to version 25.4.270.0, which originates in wmic.exe could lead to an anti-tamper protection bypass...

7.1CVSS6.6AI score0.00158EPSS
Exploits0References2
OSV
OSV
added 2024/01/03 8:15 a.m.12 views

UBUNTU-CVE-2024-0208

GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file...

7.8CVSS7AI score0.01823EPSS
Exploits1References3
CNVD
CNVD
added 2018/01/05 12:0 a.m.6 views

QuickApps CMS Cross-Site Scripting Vulnerability

QuickApps CMS is a PHP-based, open source, modular content management system. A cross-site scripting vulnerability exists in the user's real name field in QuickApps CMS version 2.0.0. A remote attacker can exploit this vulnerability to cause a denial of service and perform unauthorized operations...

5.4CVSS6.3AI score0.00631EPSS
Exploits1References1
Rows per page
Query Builder