Lucene search
+L

155 matches found

EUVD
EUVD
added 2025/11/11 7:38 a.m.2 views

EUVD-2025-77498

Malicious code in terriblereindeercopper-67 npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 5:50 a.m.1 views

EUVD-2025-72384

Malicious code in horsetomato-67 npm...

6.6AI score
Exploits0
CNVD
CNVD
added 2025/10/15 12:0 a.m.5 views

ERPNext Cross-Site Scripting Vulnerability

ERPNext is an open source enterprise resource planning solution from ERPNext India. A cross-site scripting vulnerability exists in ERPNext version v15.67.0, which stems from improper cleanup of content field inputs by the blog post feature and can be exploited by an attacker to cause a stored...

5.4CVSS6.1AI score0.00382EPSS
Exploits2References1
OSV
OSV
added 2025/08/25 2:15 p.m.5 views

CVE-2025-54492

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This...

9.8CVSS8.2AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.7 views

Mozilla Firefox ESR < 140.2

The version of Firefox ESR installed on the remote Windows host is prior to 140.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-67 advisory. - Memory safety bugs present in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1,...

9.8CVSS8.2AI score0.0053EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2019-11698

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If a crafted hyperlink is dragged and dropped to the bookmark bar or sidebar and the resulting bookmark is subsequently dragged and dropped into the web content...

5.3CVSS7.5AI score0.01392EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/09 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2019-11695

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A custom cursor defined by scripting on a site can position itself over the addressbar to spoof the actual cursor when it should not be allowed outside of the...

4.3CVSS6.8AI score0.00737EPSS
Exploits1References2
Packet Storm News
Packet Storm News
added 2025/07/05 12:0 a.m.7 views

Rethinking and Exploring String-Based Malware Family Classification in the Era of LLMs and RAG

Malware Family Classification MFC aims to identify the fine-grained family e.g., GuLoader or BitRAT to which a potential malware sample belongs, in contrast to malware detection or sample classification that predicts only an Yes/No. Accurate family identification can greatly facilitate automated...

6.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 5:12 a.m.8 views

CVE-2023-23898

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in CreativeThemes Blocksy Companion plugin = 1.8.67 versions...

5.5CVSS5.6AI score0.00341EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/23 12:0 a.m.7 views

PT-2025-17677 · Nih · Nih Brics

Name of the Vulnerable Software and Affected Versions: NIH BRICS aka Biomedical Research Informatics Computing System versions 14.0.0-67 and earlier Description: The issue allows users without the InET role to access the InET module by making direct requests to known endpoints. Recommendations: F...

4.3CVSS6.4AI score0.00332EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2024/10/21 12:0 a.m.12 views

Adobe Premiere Pro < 15.4.1 Arbitrary Code Execution (APSB21-67) (macOS)

The version of Adobe Premiere Pro installed on the remote macOS host is prior to 15.4.1. It is, therefore, affected by a vulnerability as referenced in the APSB21-67 advisory. - Adobe Premiere Pro version 15.4 and earlier are affected by a memory corruption vulnerability. An unauthenticated...

7.8CVSS8.2AI score0.01451EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/08/15 12:0 a.m.16 views

Adobe Substance 3D Designer < 14.0 (apsb24-67)

The version of Adobe Substance 3D Designer installed on the remote host is prior to 14.0. It is, therefore, affected by a vulnerability as referenced in the apsb24-67 advisory. - Substance3D - Designer versions 13.1.2 and earlier are affected by an out-of-bounds write vulnerability that could...

7.8CVSS6.4AI score0.00281EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/12/14 12:0 a.m.28 views

Adobe Prelude < 22.6.1 Memory leak (APSB23-67)

The version of Adobe Prelude installed on the remote Windows host is prior to 22.6.1. It is, therefore, affected by a vulnerability as referenced in the APSB23-67 advisory. - Adobe Prelude versions 22.6 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could lead t...

5.5CVSS5.8AI score0.00367EPSS
Exploits0References2
hivepro
hivepro
added 2023/08/10 12:53 p.m.14 views

Microsoft’s August Patch Tuesday Addresses Active Zero-Day Exploits

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary In the August Patch Tuesday release, Microsoft addressed a total of 73 CVEs, encompassing six critical and 67 important vulnerabilities. Within this range of vulnerabilities, the security update...

6.5AI score
Exploits0
OSV
OSV
added 2023/05/24 6:30 p.m.21 views

GHSA-W6F8-MXF5-4VF8 Missing authorization in Liferay portal

The Dynamic Data Mapping module in Liferay Portal 7.4.3.67, and Liferay DXP 7.4 update 67 does not limit Document and Media files which can be downloaded from a Form, which allows remote attackers to download any file from Document and Media via a crafted URL...

7.5CVSS6AI score0.00744EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/05/24 3:42 p.m.14 views

CVE-2023-33948

The Dynamic Data Mapping module in Liferay Portal 7.4.3.67, and Liferay DXP 7.4 update 67 does not limit Document and Media files which can be downloaded from a Form, which allows remote attackers to download any file from Document and Media via a crafted URL...

5.3CVSS7.1AI score0.00744EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 4:30 a.m.3 views

SUSE CVE-2018-6136

Missing type check in V8 in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page...

6.5CVSS8.7AI score0.00757EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:30 a.m.6 views

SUSE CVE-2018-6137

CSS Paint API in Blink in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

6.5CVSS8.5AI score0.01902EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:30 a.m.4 views

SUSE CVE-2018-6140

Allowing the chrome.debugger API to attach to Web UI pages in DevTools in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension...

8.8CVSS9.1AI score0.02644EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:30 a.m.5 views

SUSE CVE-2018-6145

Insufficient data validation in HTML parser in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to bypass same origin policy via a crafted HTML page...

6.1CVSS8.6AI score0.00593EPSS
Exploits0References7
Rows per page
Query Builder