Lucene search
K

240 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-9987

Malware in sbrugna...

9.8CVSS9.5AI score0.01551EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-27000

Malware in sbrugna...

8.8CVSS8.6AI score0.01399EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-21336

Malicious code in bioql PyPI...

6.1CVSS6.6AI score0.00263EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-31887

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00152EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-29284

Malicious code in bioql PyPI...

9CVSS8.8AI score0.02453EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-17637

Malicious code in bioql PyPI...

6.9CVSS6.4AI score0.00534EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-29286

Malicious code in bioql PyPI...

9CVSS8.8AI score0.02393EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-1987

Malicious code in bioql PyPI...

4.8CVSS6.6AI score0.00225EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-19761

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00516EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/26 10:38 p.m.3 views

CVE-2025-59845 Apollo Embedded Sandbox and Explorer vulnerable to CSRF via window.postMessage origin-validation bypass

Apollo Studio Embeddable Explorer & Embeddable Sandbox are website embeddable software solutions from Apollo GraphQL. Prior to Apollo Sandbox version 2.7.2 and Apollo Explorer version 3.7.3, a cross-site request forgery CSRF vulnerability was identified. The vulnerability arises from missing orig...

8.2CVSS7AI score0.00149EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/11 12:0 a.m.12 views

PT-2025-37180

Name of the Vulnerable Software and Affected Versions: Online Fire Reporting System version 1.2 Description: The Online Fire Reporting System contains a stored cross-site scripting issue. The vulnerability is due to insufficient validation of user inputs for the fullname, location, and message...

5.4CVSS6AI score0.00193EPSS
Exploits0References4
Veracode
Veracode
added 2025/09/01 12:1 p.m.5 views

Cross-Site WebSocket Hijacking (CSWSH)

github.com/komari-monitor/komari, is vulnerable to Cross-Site WebSocket Hijacking CSWSH. The vulnerability is due to disabled origin checking, which allows an attacker to hijack authenticated user WebSocket connections...

6.8AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2025/07/01 3:15 p.m.3 views

CVE-2025-34050

A cross-site request forgery CSRF vulnerability exists in the web interface of AVTECH IP camera, DVR, and NVR devices. An attacker can craft malicious requests that, when executed in the context of an authenticated user’s browser session, allow unauthorized changes to the device configuration...

5.1CVSS5.9AI score0.00246EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/06/24 8:10 p.m.4 views

CVE-2025-52572 Hikka vulnerable to RCE through dangling web interface

Hikka, a Telegram userbot, has vulnerability affects all users on all versions of Hikka. Two scenarios are possible. 1. Web interface does not have an authenticated session: attacker can use his own Telegram account to gain RCE to the server by authorizing in the dangling web interface. 2. Web...

10CVSS8AI score0.00619EPSS
Exploits0References2
OSV
OSV
added 2025/06/24 8:10 p.m.6 views

CVE-2025-52572 Hikka vulnerable to RCE through dangling web interface

Hikka, a Telegram userbot, has vulnerability affects all users on all versions of Hikka. Two scenarios are possible. 1. Web interface does not have an authenticated session: attacker can use his own Telegram account to gain RCE to the server by authorizing in the dangling web interface. 2. Web...

10CVSS7.7AI score0.00619EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/06/12 11:0 p.m.12 views

vantage6 lacks brute-force protection on change password functionality

Impact If attacker gets access to an authenticated session, they can try to brute-force the user password by using the change password functionality: they can call that route infinitely which will return the message that password is wrong until it is correct Patches This issue has been patched in...

9.8CVSS6.4AI score0.00397EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2025/06/12 11:0 p.m.5 views

GHSA-J6G5-P62X-58HW vantage6 lacks brute-force protection on change password functionality

Impact If attacker gets access to an authenticated session, they can try to brute-force the user password by using the change password functionality: they can call that route infinitely which will return the message that password is wrong until it is correct Patches This issue has been patched in...

6.3CVSS7AI score0.00397EPSS
Exploits0References5
PyPA
PyPA
added 2025/06/12 6:15 p.m.16 views

PYSEC-2025-220

vantage6 is an open source framework built to enable, manage and deploy privacy enhancing technologies like Federated Learning and Multi-Party Computation. If attacker gets access to an authenticated session, they can try to brute-force the user password by using the change password functionality...

9.8CVSS5.8AI score0.00397EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/06/12 5:29 p.m.4 views

CVE-2025-43863 vantage6 lacks brute-force protection on change password functionality

vantage6 is an open source framework built to enable, manage and deploy privacy enhancing technologies like Federated Learning and Multi-Party Computation. If attacker gets access to an authenticated session, they can try to brute-force the user password by using the change password functionality...

6.3CVSS6.5AI score0.00397EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/06/12 8:19 a.m.6 views

CVE-2025-5741

CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could cause arbitrary file reads from the charging station. The exploitation of this vulnerability does require an authenticated session of the web server...

6.9CVSS5.1AI score0.00534EPSS
Exploits0References1
Rows per page
Query Builder