The vulnerability allows any authenticated user to leak the contents of arbitrary “.m3u8” files from the PeerTube server due to a path traversal in the HLS endpoint. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
Weblate is a web based localization tool. Rated low severity (CVSS 2.2), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.
Vulnerability in the Oracle Applications Technology Stack product of Oracle E-Business Suite (component: Configuration). Rated low severity (CVSS 3.6), this vulnerability is no authentication required.
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable authentication module). Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity.
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.
Hydra is a Continuous Integration service for Nix based projects. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable.
SolarWinds Serv-U is vulnerable to a client-side cross-site scripting (XSS) vulnerability. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable.
HCL BigFix Web Reports' service communicates over HTTPS but exhibits a weakness in its handling of SSL certificate validation. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.