Lucene search
+L

580 matches found

CVE
CVE
added 2025/10/06 6:32 p.m.17 views

CVE-2025-11344

CVE-2025-11344 affects the ILIAS open-source learning platform in versions up to 8.23, 9.13, and 10.1. The vulnerability involves an unknown function within the Certificate Import Handler that can be manipulated to achieve Remote Code Execution . Exploitation may be possible remotely. A fix is pu...

9.8CVSS6.6AI score0.0047EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2025/10/06 6:32 p.m.7 views

CVE-2025-11344 ILIAS Certificate Import code injection

A vulnerability was detected in ILIAS up to 8.23/9.13/10.1. Affected by this vulnerability is an unknown functionality of the component Certificate Import Handler. The manipulation results in Remote Code Execution. The attack may be performed from remote. Upgrading to version 8.24, 9.14 and 10.2...

5.3CVSS6.2AI score0.0047EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/10/06 12:0 a.m.6 views

PT-2025-40942

Name of the Vulnerable Software and Affected Versions ILIAS versions up to 8.23 ILIAS versions up to 9.13 ILIAS versions up to 10.1 Description A flaw exists due to deserialization in the unserialize function of the Test Import component. This manipulation can be initiated remotely. Recommendatio...

6.5CVSS5.2AI score0.00336EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-47314

Malicious code in bioql PyPI...

5.5CVSS4.8AI score0.00262EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-47371

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.01069EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2021-8654

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.0077EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-26077

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00347EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2022-0535

Malicious code in bioql PyPI...

5.4CVSS4.9AI score0.00619EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/08/30 6:18 p.m.7 views

CVE-2025-34520

An authentication bypass vulnerability in Arcserve Unified Data Protection UDP allows unauthenticated attackers to gain unauthorized access to protected functionality or user accounts. By manipulating specific request parameters or exploiting a logic flaw, an attacker can bypass login mechanisms...

9.8CVSS7.2AI score0.00347EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/30 6:18 p.m.6 views

CVE-2025-34522

A heap-based buffer overflow vulnerability exists in the input parsing logic of Arcserve Unified Data Protection UDP. This flaw can be triggered without authentication by sending specially crafted input to the target system. Improper bounds checking allows an attacker to overwrite heap memory,...

9.8CVSS8AI score0.00523EPSS
Exploits0References1
NCSC
NCSC
added 2025/08/28 12:56 p.m.7 views

Vulnerabilities fixed in Arcserve Unified Data Protection

Arcserve has fixed vulnerabilities in Arcserve Unified Data Protection UDP for all versions prior to 10.2. The vulnerabilities include an authentication bypass that allows unauthenticated malicious parties to access protected functions, a reflected cross-site scripting XSS vulnerability that allo...

9.8CVSS7.6AI score0.00523EPSS
Exploits0References1
OSV
OSV
added 2025/08/27 10:15 p.m.5 views

CVE-2025-34523

A heap-based buffer overflow vulnerability exists in the exists in the network-facing input handling routines of Arcserve Unified Data Protection UDP. This flaw is reachable without authentication and results from improper bounds checking when processing attacker-controlled input. By sending...

9.8CVSS6.5AI score0.00499EPSS
Exploits0References1
OSV
OSV
added 2025/08/27 10:15 p.m.5 views

CVE-2025-34521

A reflected cross-site scripting XSS vulnerability exists in the web interface of the Arcserve Unified Data Protection UDP, where unsanitized user input is improperly reflected in HTTP responses. This flaw allows remote attackers with low privileges to craft malicious links that, when visited by...

5.4CVSS5.9AI score0.00197EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/27 9:19 p.m.10 views

CVE-2025-34520 Arcserve UDP < 10.2 Authentication Bypass

An authentication bypass vulnerability in Arcserve Unified Data Protection UDP allows unauthenticated attackers to gain unauthorized access to protected functionality or user accounts. By manipulating specific request parameters or exploiting a logic flaw, an attacker can bypass login mechanisms...

7.7CVSS0.00347EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/08/27 9:19 p.m.5 views

CVE-2025-34521

A reflected cross-site scripting XSS vulnerability exists in the web interface of the Arcserve Unified Data Protection UDP, where unsanitized user input is improperly reflected in HTTP responses. This flaw allows remote attackers with low privileges to craft malicious links that, when visited by...

5.4CVSS5.9AI score0.00197EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/08/27 9:19 p.m.11 views

CVE-2025-34521 Arcserve UDP < 10.2 Reflected Cross-Site Scripting (XSS)

A reflected cross-site scripting XSS vulnerability exists in the web interface of the Arcserve Unified Data Protection UDP, where unsanitized user input is improperly reflected in HTTP responses. This flaw allows remote attackers with low privileges to craft malicious links that, when visited by...

4.8CVSS0.00197EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/27 9:19 p.m.13 views

CVE-2025-34522 Arcserve UDP < 10.2 Pre-Authentication Heap Overflow

A heap-based buffer overflow vulnerability exists in the input parsing logic of Arcserve Unified Data Protection UDP. This flaw can be triggered without authentication by sending specially crafted input to the target system. Improper bounds checking allows an attacker to overwrite heap memory,...

9.2CVSS0.00523EPSS
Exploits0References1
CVE
CVE
added 2025/08/27 9:19 p.m.24 views

CVE-2025-34522

Arcserve UDP contains a pre-auth heap-based buffer overflow in its input parsing logic (UDP

9.8CVSS8.3AI score0.00523EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2025/08/27 9:19 p.m.7 views

CVE-2025-34522

A heap-based buffer overflow vulnerability exists in the input parsing logic of Arcserve Unified Data Protection UDP. This flaw can be triggered without authentication by sending specially crafted input to the target system. Improper bounds checking allows an attacker to overwrite heap memory,...

9.8CVSS6.3AI score0.00523EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/08/27 9:19 p.m.15 views

CVE-2025-34523 Arcserve UDP < 10.2 Pre-Authentication Heap Overflow

A heap-based buffer overflow vulnerability exists in the network-facing input handling routines of Arcserve Unified Data Protection UDP. This flaw is reachable without authentication and results from improper bounds checking when processing attacker-controlled input. By sending specially crafted...

9.2CVSS0.00499EPSS
Exploits0References1
Rows per page
Query Builder