Skip to main content

Rdiffweb

42 CVEs product

Monthly

CVE-2023-5289 PyPI HIGH POC PATCH This Week

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.8.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Rdiffweb
NVD GitHub
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-4138 PyPI MEDIUM POC PATCH This Month

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.8.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Rdiffweb
NVD GitHub
CVSS 3.1
6.5
EPSS
0.4%
CVE-2022-4724 PyPI CRITICAL POC PATCH Act Now

Improper Access Control in GitHub repository ikus060/rdiffweb prior to 2.5.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Rdiffweb
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2022-4723 PyPI MEDIUM POC PATCH This Month

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.5. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Rdiffweb
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-4722 PyPI HIGH POC PATCH This Week

Authentication Bypass by Primary Weakness in GitHub repository ikus060/rdiffweb prior to 2.5.5. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Rdiffweb
NVD GitHub
CVSS 3.1
7.2
EPSS
1.1%
CVE-2022-4721 PyPI MEDIUM POC PATCH This Month

Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository ikus060/rdiffweb prior to 2.5.5. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Code Injection Rdiffweb
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-4720 PyPI MEDIUM POC PATCH This Month

Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.5. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Open Redirect Rdiffweb
NVD GitHub
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-4719 PyPI CRITICAL POC PATCH Act Now

Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Rdiffweb
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-4646 PyPI MEDIUM PATCH This Month

Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.5.4. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

CSRF Rdiffweb
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-4644 PyPI MEDIUM POC PATCH This Month

Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.4. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Open Redirect Rdiffweb
NVD GitHub
CVSS 3.1
6.1
EPSS
0.6%
CVE-2022-4314 PyPI CRITICAL POC PATCH Act Now

Improper Privilege Management in GitHub repository ikus060/rdiffweb prior to 2.5.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Privilege Escalation Rdiffweb
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2022-4018 PyPI MEDIUM POC PATCH This Month

Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Rdiffweb
NVD GitHub
CVSS 3.1
4.3
EPSS
0.8%
CVE-2022-3362 PyPI CRITICAL POC PATCH Act Now

Insufficient Session Expiration in GitHub repository ikus060/rdiffweb prior to 2.5.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Rdiffweb
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-3363 PyPI CRITICAL PATCH Act Now

Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.0a7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Rdiffweb
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2022-3327 PyPI CRITICAL PATCH Act Now

Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Rdiffweb
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2022-3439 PyPI CRITICAL PATCH Act Now

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Rdiffweb
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2022-3457 PyPI CRITICAL PATCH Act Now

Origin Validation Error in GitHub repository ikus060/rdiffweb prior to 2.5.0a5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Rdiffweb
NVD GitHub
CVSS 3.1
9.8
EPSS
0.3%
CVE-2022-3456 PyPI CRITICAL PATCH Act Now

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Rdiffweb
NVD GitHub
CVSS 3.1
9.8
EPSS
0.3%
CVE-2022-3438 PyPI MEDIUM POC PATCH This Month

Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.0a4. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Open Redirect Rdiffweb
NVD GitHub
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-3389 PyPI HIGH POC PATCH This Week

Path Traversal in GitHub repository ikus060/rdiffweb prior to 2.4.10. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Rdiffweb
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-3376 PyPI MEDIUM POC PATCH This Month

Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.5.0a4. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Brute Force Rdiffweb
NVD GitHub
CVSS 3.1
5.3
EPSS
0.7%
CVE-2022-3273 PyPI CRITICAL POC PATCH Act Now

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Rdiffweb
NVD GitHub
CVSS 3.1
9.8
EPSS
0.4%
CVE-2022-3371 PyPI HIGH POC PATCH This Week

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Rdiffweb
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-3364 PyPI HIGH POC PATCH This Week

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Rdiffweb
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-3326 PyPI MEDIUM POC PATCH This Month

Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.9. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Brute Force Rdiffweb
NVD GitHub
CVSS 3.1
4.3
EPSS
0.6%
CVE-2022-3292 PyPI MEDIUM POC PATCH This Month

Use of Cache Containing Sensitive Information in GitHub repository ikus060/rdiffweb prior to 2.4.8. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Rdiffweb
NVD GitHub
CVSS 3.1
4.6
EPSS
0.5%
CVE-2022-3298 PyPI HIGH POC PATCH This Week

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Rdiffweb
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-3290 PyPI HIGH POC PATCH This Week

Improper Handling of Length Parameter Inconsistency in GitHub repository ikus060/rdiffweb prior to 2.4.8. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Rdiffweb
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-3272 PyPI HIGH POC PATCH This Week

Improper Handling of Length Parameter Inconsistency in GitHub repository ikus060/rdiffweb prior to 2.4.8. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Rdiffweb
NVD GitHub
CVSS 3.1
7.5
EPSS
1.4%
CVE-2022-3295 PyPI HIGH POC PATCH This Week

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Rdiffweb
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-3301 PyPI LOW POC PATCH Monitor

Improper Cleanup on Thrown Exception in GitHub repository ikus060/rdiffweb prior to 2.4.8. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Rdiffweb
NVD GitHub
CVSS 3.1
2.4
EPSS
0.6%
CVE-2022-3269 PyPI CRITICAL POC PATCH Act Now

Session Fixation in GitHub repository ikus060/rdiffweb prior to 2.4.7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Session Fixation Rdiffweb
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2022-3274 PyPI LOW POC PATCH Monitor

Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.7. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

CSRF Rdiffweb
NVD GitHub
CVSS 3.1
3.5
EPSS
0.4%
CVE-2022-3267 PyPI MEDIUM POC PATCH This Month

Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.6. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Rdiffweb
NVD GitHub
CVSS 3.1
4.3
EPSS
0.3%
CVE-2022-3233 PyPI MEDIUM POC PATCH This Month

Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.6. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Rdiffweb
NVD GitHub
CVSS 3.1
4.3
EPSS
0.3%
CVE-2022-3250 PyPI MEDIUM POC PATCH This Month

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.6. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Rdiffweb
NVD GitHub
CVSS 3.1
5.3
EPSS
0.4%
CVE-2022-3232 PyPI MEDIUM POC PATCH This Month

Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.5. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Rdiffweb
NVD GitHub
CVSS 3.1
4.3
EPSS
0.3%
CVE-2022-3221 PyPI HIGH POC PATCH This Week

Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.3. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Rdiffweb
NVD GitHub
CVSS 3.1
8.8
EPSS
0.6%
CVE-2022-3179 PyPI HIGH POC PATCH This Week

Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Brute Force Rdiffweb
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-3175 PyPI MEDIUM POC PATCH This Month

Missing Custom Error Page in GitHub repository ikus060/rdiffweb prior to 2.4.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Rdiffweb
NVD GitHub
CVSS 3.1
5.3
EPSS
0.7%
CVE-2022-3174 PyPI HIGH POC PATCH This Week

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Rdiffweb
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-3167 PyPI HIGH POC PATCH This Week

Improper Restriction of Rendered UI Layers or Frames in GitHub repository ikus060/rdiffweb prior to 2.4.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Rdiffweb
NVD GitHub
CVSS 3.1
8.8
EPSS
1.0%
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.8.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Rdiffweb
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC PATCH This Month

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.8.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Rdiffweb
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

Improper Access Control in GitHub repository ikus060/rdiffweb prior to 2.5.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Rdiffweb
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC PATCH This Month

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.5. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Rdiffweb
NVD GitHub
EPSS 1% CVSS 7.2
HIGH POC PATCH This Week

Authentication Bypass by Primary Weakness in GitHub repository ikus060/rdiffweb prior to 2.5.5. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Rdiffweb
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC PATCH This Month

Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository ikus060/rdiffweb prior to 2.5.5. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Code Injection Rdiffweb
NVD GitHub
EPSS 0% CVSS 6.1
MEDIUM POC PATCH This Month

Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.5. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Open Redirect Rdiffweb
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Rdiffweb
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.5.4. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

CSRF Rdiffweb
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC PATCH This Month

Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.4. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Open Redirect Rdiffweb
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

Improper Privilege Management in GitHub repository ikus060/rdiffweb prior to 2.5.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Privilege Escalation Rdiffweb
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM POC PATCH This Month

Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Rdiffweb
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

Insufficient Session Expiration in GitHub repository ikus060/rdiffweb prior to 2.5.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Rdiffweb
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.0a7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Rdiffweb
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Rdiffweb
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Rdiffweb
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Origin Validation Error in GitHub repository ikus060/rdiffweb prior to 2.5.0a5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Rdiffweb
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Rdiffweb
NVD GitHub
EPSS 0% CVSS 6.1
MEDIUM POC PATCH This Month

Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.0a4. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Open Redirect Rdiffweb
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

Path Traversal in GitHub repository ikus060/rdiffweb prior to 2.4.10. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Rdiffweb
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM POC PATCH This Month

Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.5.0a4. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Brute Force Rdiffweb
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC PATCH Act Now

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Rdiffweb
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Rdiffweb
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Rdiffweb
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM POC PATCH This Month

Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.9. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Brute Force Rdiffweb
NVD GitHub
EPSS 1% CVSS 4.6
MEDIUM POC PATCH This Month

Use of Cache Containing Sensitive Information in GitHub repository ikus060/rdiffweb prior to 2.4.8. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Rdiffweb
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Rdiffweb
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

Improper Handling of Length Parameter Inconsistency in GitHub repository ikus060/rdiffweb prior to 2.4.8. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Rdiffweb
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

Improper Handling of Length Parameter Inconsistency in GitHub repository ikus060/rdiffweb prior to 2.4.8. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Rdiffweb
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Rdiffweb
NVD GitHub
EPSS 1% CVSS 2.4
LOW POC PATCH Monitor

Improper Cleanup on Thrown Exception in GitHub repository ikus060/rdiffweb prior to 2.4.8. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Rdiffweb
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

Session Fixation in GitHub repository ikus060/rdiffweb prior to 2.4.7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Session Fixation Rdiffweb
NVD GitHub
EPSS 0% CVSS 3.5
LOW POC PATCH Monitor

Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.7. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

CSRF Rdiffweb
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM POC PATCH This Month

Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.6. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Rdiffweb
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM POC PATCH This Month

Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.6. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Rdiffweb
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM POC PATCH This Month

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.6. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Rdiffweb
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM POC PATCH This Month

Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.5. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Rdiffweb
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.3. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Rdiffweb
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Brute Force Rdiffweb
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM POC PATCH This Month

Missing Custom Error Page in GitHub repository ikus060/rdiffweb prior to 2.4.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Rdiffweb
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Rdiffweb
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

Improper Restriction of Rendered UI Layers or Frames in GitHub repository ikus060/rdiffweb prior to 2.4.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Rdiffweb
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy