Lucene search
K

1088 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-45127

Malicious code in bioql PyPI...

8.8CVSS9AI score0.00214EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-11151

Malicious code in bioql PyPI...

6.4CVSS6.6AI score0.00385EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-26752

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00369EPSS
Exploits1References3
euvd
euvd
added 2025/10/03 8:7 p.m.9 views

EUVD-2023-32613

Malicious code in bioql PyPI...

8.8CVSS9AI score0.00312EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/10/01 12:0 a.m.4 views

Django 安全漏洞

Django is a set of open source web application frameworks based on the Python language from the Django Foundation. The framework includes an object-oriented mapper, view system, template system, and more. A security vulnerability exists in Django version 4.2 up to and including version 4.2.25,...

6.5CVSS7.1AI score0.0085EPSS
Exploits0References4
osv
osv
added 2025/10/01 12:0 a.m.8 views

CVE-2025-59681

An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. QuerySet.annotate, QuerySet.alias, QuerySet.aggregate, and QuerySet.extra are subject to SQL injection in column aliases, when using a suitably crafted dictionary, with dictionary expansion, as the kwarg...

7.1CVSS8AI score0.00583EPSS
Exploits0References6
ibm
ibm
added 2025/09/11 6:20 a.m.6 views

Security Bulletin: Vulnerability in pillow affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary IBM watsonx Orchestrate with watsonx Assistant Cartridge contains a vulnerable version of pillow Vulnerability Details CVEID:CVE-2025-48379 DESCRIPTION: Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap buffer overflow when writing a sufficiently lar...

7.1CVSS6.8AI score0.00259EPSS
Exploits1Affected Software1
ibm
ibm
added 2025/09/09 9:22 a.m.7 views

Security Bulletin: Vulnerability in langchain_core affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary IBM watsonx Orchestrate with watsonx Assistant Cartridge contains a vulnerable version of langchaincore Vulnerability Details CVEID:CVE-2025-46059 DESCRIPTION: langchain-ai v0.3.51 was discovered to contain an indirect prompt injection vulnerability in the GmailToolkit component. This...

9.8CVSS8.3AI score0.00702EPSS
Exploits0Affected Software1
ibm
ibm
added 2025/08/27 2:50 a.m.9 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in xmldom-0.9.8.tgz

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of xmldom-0.9.8.tgz Vulnerability Details CVEID:CVE-2021-32796 DESCRIPTION: xmldom is an open source pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. xmldom versions 0.6.0 and older ...

6.5CVSS6.6AI score0.01347EPSS
Exploits0Affected Software1
ibm
ibm
added 2025/08/27 2:44 a.m.9 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in helpers-7.24.0.tgz

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of helpers-7.24.0.tgz Vulnerability Details CVEID:CVE-2025-27789 DESCRIPTION: Babel is a compiler for writing next generation JavaScript. When using versions of Babel prior to 7.26.10 and 8.0.0-alpha.17 to compile regular...

6.2CVSS8.8AI score0.00478EPSS
Exploits0Affected Software1
ibm
ibm
added 2025/08/27 2:42 a.m.5 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in cryptography-44.0.0-cp37-abi3-macosx_10_9_universal2.whl

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of cryptography-44.0.0-cp37-abi3-macosx109universal2.whl Vulnerability Details CVEID:CVE-2024-12797 DESCRIPTION: Issue summary: Clients using RFC7250 Raw Public Keys RPKs to authenticate a server may fail to notice that the...

6.3CVSS7.6AI score0.02439EPSS
Exploits0Affected Software1
nessus
nessus
added 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2021-32918

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Prosody before 0.11.9. Default settings are susceptible to remote unauthenticated denial-of-service DoS attacks via memory exhaustion...

7.5CVSS7.1AI score0.02115EPSS
Exploits0References2
nessus
nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2020-5397

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF attacks through CORS preflight requests that target Spring MVC spring-webmvc module or...

5.3CVSS6.5AI score0.02382EPSS
Exploits1References2
ibm
ibm
added 2025/08/26 5:52 p.m.6 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in WebSphere Application Server Liberty

Summary IBM Watson Discovery Cartridge contains a vulnerable version of WebSphere Application Server Liberty Vulnerability Details CVEID:CVE-2025-36097 DESCRIPTION: IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 are vulnerable to a denial o...

7.5CVSS9.2AI score0.00399EPSS
Exploits0Affected Software1
ossf
ossf
added 2025/08/23 3:0 p.m.2 views

Malicious code in typescript-5.2 (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1803c655ae363bcacfef82a893fa08357e9bc24ffb87b7f52e3de33d2b2de827 The OpenSSF Package Analysis project identified 'typescript-5.2' @...

7.1AI score
Exploits0
nessus
nessus
added 2025/08/21 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-48432

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Django 5.2 before 5.2.3, 5.1 before 5.1.11, and 4.2 before 4.2.23. Internal HTTP response logging does not escape request.path, which...

5.3CVSS7.5AI score0.006EPSS
Exploits0References2
suse
suse
added 2025/08/18 3:55 p.m.8 views

Security update for the Linux Kernel

This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...

8.5CVSS8.1AI score0.00294EPSS
Exploits2References80
ibm
ibm
added 2025/07/23 4:15 p.m.15 views

Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to command injection due to the lodash package (CVE-2021-23337)

Summary Lodash is used by DataStage on Cloud Pak for Data as part of data manipulation. Vulnerability Details CVEID:CVE-2021-23337 DESCRIPTION: Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function. CWE:CWE-94: Improper Control of Generation of Code 'Code...

7.2CVSS7.5AI score0.2241EPSS
Exploits3Affected Software1
ibm
ibm
added 2025/07/23 1:33 p.m.12 views

Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to unwanted disconnects due to the gRPC package (CVE-2023-33953)

Summary gRPC is used by DataStage on Cloud Pak for Data as part of service communication. Vulnerability Details CVEID:CVE-2023-33953 DESCRIPTION: gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional...

7.5CVSS7.7AI score0.00412EPSS
Exploits0Affected Software1
openvas
openvas
added 2025/07/10 12:0 a.m.3 views

Ubuntu: Security Advisory (USN-7623-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.5AI score0.01425EPSS
Exploits0References2
Rows per page
Query Builder