Lucene search
K

144 matches found

vulnersOsv
vulnersOsv
added 2026/02/03 3:16 p.m.7 views

aldryn-django (>=4.2.10.0 <=4.2.18.0), alertwise (=1.0.0) +114 more potentially affected by CVE-2026-1207 via django (>=4.2.0 <=4.2.27)

django PYPI version =4.2.0, =4.2.10.0, =65.10.0, =7.5.1, =1.0.2, =0.0.1, =1.3.9, =0.4.0, =0.0.1, =4.16.2, =4.8.0, =0.0.4.dev0, =8.0.0, =8.5.1 and more Source cves: CVE-2026-1207 Source advisory: OSV:PYSEC-2026-44...

8.3CVSS7.2AI score0.09436EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/02/03 3:16 p.m.12 views

aldryn-django (>=4.2.10.0 <=4.2.18.0), alertwise (=1.0.0) +114 more potentially affected by CVE-2026-1287 via django (>=4.2.0 <=4.2.27)

django PYPI version =4.2.0, =4.2.10.0, =65.10.0, =7.5.1, =1.0.2, =0.0.1, =1.3.9, =0.4.0, =0.0.1, =4.16.2, =4.8.0, =0.0.4.dev0, =8.0.0, =8.5.1 and more Source cves: CVE-2026-1287 Source advisory: OSV:PYSEC-2026-46...

8.3CVSS7.2AI score0.00754EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/02/03 3:16 p.m.7 views

aldryn-django (>=4.2.10.0 <=4.2.18.0), alertwise (=1.0.0) +114 more potentially affected by CVE-2025-13473 via django (>=4.2.0 <=4.2.27)

django PYPI version =4.2.0, =4.2.10.0, =65.10.0, =7.5.1, =1.0.2, =0.0.1, =1.3.9, =0.4.0, =0.0.1, =4.16.2, =4.8.0, =0.0.4.dev0, =8.0.0, =8.5.1 and more Source cves: CVE-2025-13473 Source advisory: OSV:PYSEC-2026-42...

5.3CVSS5.8AI score0.00713EPSS
Exploits0
OSV
OSV
added 2026/01/21 9:18 p.m.6 views

CVE-2026-22808 Fleet Windows MDM endpoint has a Cross-site Scripting vulnerability

fleetdm/fleet is open source device management software. Prior to versions 4.78.2, 4.77.1, 4.76.2, 4.75.2, and 4.53.3, if Windows MDM is enabled, an unauthenticated attacker can exploit this XSS vulnerability to steal a Fleet administrator's authentication token FLEET::authtoken from localStorage...

5.5CVSS5.5AI score0.00209EPSS
Exploits0References3
Snyk
Snyk
added 2026/01/12 3:12 a.m.2 views

Malicious Package

Overview passport-google-auth-token is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS6.8AI score
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/12/02 4:15 p.m.7 views

aldryn-django (>=4.2.10.0 <=4.2.18.0), alertwise (=1.0.0) +113 more potentially affected by CVE-2025-13372 via django (>=4.2.0 <=4.2.26)

django PYPI version =4.2.0, =4.2.10.0, =65.10.0, =7.5.1, =1.0.2, =0.0.1, =1.3.9, =0.4.0, =0.0.1, =4.16.2, =4.8.0, =0.0.4.dev0, =8.0.0, =8.5.1 and more Source cves: CVE-2025-13372 Source advisory: OSV:PYSEC-2025-104...

4.3CVSS7.3AI score0.00904EPSS
Exploits0
OSV
OSV
added 2025/11/07 3:30 a.m.2 views

GHSA-XMQ3-Q5PM-RP26 Nuxt DevTools vulnerable to cross-site scripting (XSS)

A vulnerability in Nuxt DevTools has been fixed in version 2.6.4. This issue may have allowed Nuxt auth token extraction via XSS under certain configurations. All users are encouraged to upgrade...

6.9CVSS6.4AI score0.00231EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2025/11/07 3:30 a.m.8 views

Nuxt DevTools vulnerable to cross-site scripting (XSS)

A vulnerability in Nuxt DevTools has been fixed in version 2.6.4. This issue may have allowed Nuxt auth token extraction via XSS under certain configurations. All users are encouraged to upgrade...

6.9CVSS6.4AI score0.00231EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2025/11/07 1:15 a.m.4 views

CVE-2025-52662

A vulnerability in Nuxt DevTools has been fixed in version 2.6.4. This issue may have allowed Nuxt auth token extraction via XSS under certain configurations. All users are encouraged to upgrade. More details: https://vercel.com/changelog/cve-2025-52662-xss-on-nuxt-devtools...

6.9CVSS0.00231EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/11/07 12:43 a.m.1 views

CVE-2025-52662

A vulnerability in Nuxt DevTools has been fixed in version 2.6.4. This issue may have allowed Nuxt auth token extraction via XSS under certain configurations. All users are encouraged to upgrade. More details: https://vercel.com/changelog/cve-2025-52662-xss-on-nuxt-devtools...

6.9CVSS6AI score0.00231EPSS
Exploits1References2
OSV
OSV
added 2025/11/07 12:43 a.m.4 views

CVE-2025-52662

A vulnerability in Nuxt DevTools has been fixed in version 2.6.4. This issue may have allowed Nuxt auth token extraction via XSS under certain configurations. All users are encouraged to upgrade. More details: https://vercel.com/changelog/cve-2025-52662-xss-on-nuxt-devtools...

6.9CVSS6.4AI score0.00231EPSS
Exploits1References4
OSV
OSV
added 2025/10/11 8:40 a.m.8 views

BIT-GRAFANA-IMAGE-RENDERER-2025-11539 Arbitrary Code Execution in Grafana Image Renderer Plugin

Grafana Image Renderer is vulnerable to remote code execution due to an arbitrary file write vulnerability. This is due to the fact that the /render/csv endpoint lacked validation of the filePath parameter that allowed an attacker to save a shared object to an arbitrary location that is then load...

9.9CVSS8.2AI score0.00594EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-25853

Malicious code in bioql PyPI...

6.2CVSS6.5AI score0.00124EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-45939

Malicious code in bioql PyPI...

9.3CVSS6.6AI score0.00551EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.19 views

EUVD-2022-4547

Malicious code in bioql PyPI...

7.5CVSS6.3AI score0.03965EPSS
Exploits0References17
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-29306

Malicious code in bioql PyPI...

7.6CVSS6.7AI score0.00591EPSS
Exploits0References1
OSV
OSV
added 2025/08/26 11:15 p.m.4 views

CVE-2025-0086

In onResult of AccountManagerService.java, there is a possible way to overwrite auth token due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

6.2CVSS5.9AI score0.00124EPSS
Exploits0References2
CVE
CVE
added 2025/08/26 10:48 p.m.75 views

CVE-2025-0086

Technical details such as affected products, versions, root cause, or remediation for CVE-2025-0086 are not publicly provided in the connected documents. Monitor for updates.

6.2CVSS6AI score0.00124EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-27154

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Spotipy is a lightweight Python library for the Spotify Web API. The CacheHandler class creates a cache file to store the auth token. Prior to version 2.25.1, t...

9.8CVSS7AI score0.00589EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2025/08/04 11:25 p.m.4 views

SUSE CVE-2025-6624

Versions of the package snyk before 1.1297.3 are vulnerable to Insertion of Sensitive Information into Log File through local Snyk CLI debug logs. Container Registry credentials provided via environment variables or command line arguments can be exposed when executing Snyk CLI in DEBUG or...

7.2CVSS7.1AI score0.00151EPSS
Exploits0References2
Rows per page
Query Builder