Lucene search
K

121 matches found

EUVD
EUVD
added 2025/11/08 12:31 a.m.6 views

EUVD-2025-38342

Improper Authorization in Elastic Cloud Enterprise can lead to Privilege Escalation where the built-in readonly user can call APIs that should not be allowed. The list of APIs that are affected by this issue is: post:/platform/configuration/security/service-accounts...

8.8CVSS6.3AI score0.00324EPSS
Exploits0References2
NVD
NVD
added 2025/11/07 11:15 p.m.7 views

CVE-2025-37736

Improper Authorization in Elastic Cloud Enterprise can lead to Privilege Escalation where the built-in readonly user can call APIs that should not be allowed. The list of APIs that are affected by this issue is: post:/platform/configuration/security/service-accounts...

8.8CVSS0.00324EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-4309

Malware in sbrugna...

7.3CVSS7.5AI score0.00431EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-4308

Malware in sbrugna...

7.5CVSS7.6AI score0.00566EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-18741

Malware in sbrugna...

5.3CVSS5.2AI score0.01215EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2000-0356

Malware in sbrugna...

7.5CVSS6.4AI score0.01563EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-7016

Malware in sbrugna...

7.5CVSS7.6AI score0.01476EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-4304

Malware in sbrugna...

8.5CVSS8.2AI score0.00805EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.44 views

EUVD-2022-7411

Malicious code in bioql PyPI...

8.8CVSS4.8AI score0.00534EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-23307

Malicious code in bioql PyPI...

6CVSS6.6AI score0.00148EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-47859

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00658EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/10/02 12:0 a.m.4 views

Flock Safety Pisco 安全漏洞

Flock Safety Pisco is a backend authentication module from Flock Safety USA. A security vulnerability exists in Flock Safety Pisco version 6.21.11, which stems from the inclusion of plaintext Auth0 client keys in the codebase, which could lead to key disclosure...

6.2CVSS6.8AI score0.00159EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/08/02 8:23 p.m.5 views

CVE-2025-37111

A vulnerability was discovered in the storage policy for certain sets of authentication keys in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information...

6CVSS6.5AI score0.00148EPSS
Exploits0References1
NVD
NVD
added 2025/07/31 8:15 p.m.4 views

CVE-2025-37111

A vulnerability was discovered in the storage policy for certain sets of authentication keys in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information...

6CVSS0.00148EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/31 7:41 p.m.10 views

CVE-2025-37111 Hard-Coded Authentication Keys found in System

A vulnerability was discovered in the storage policy for certain sets of authentication keys in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information...

6CVSS0.00148EPSS
Exploits0References1
CVE
CVE
added 2025/07/31 7:41 p.m.18 views

CVE-2025-37111

CVE-2025-37111 affects the HPE Telco Network Function Virtual Orchestrator. The issue is a vulnerability in the storage policy for certain sets of authentication keys, enabling unauthorized parties to gain access to sensitive system information. The CVSSv3.1 vector indicates Local attack vector, ...

6CVSS6.5AI score0.00148EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/31 12:0 a.m.5 views

PT-2025-31578 · Hewlett Packard · Hpe Telco Network Function Virtual Orchestrator

Name of the Vulnerable Software and Affected Versions: HPE Telco Network Function Virtual Orchestrator affected versions not specified Description: A vulnerability exists in the storage policy for certain sets of authentication keys. Successful exploitation could lead to unauthorized access to...

6CVSS6.9AI score0.00148EPSS
Exploits0References6
Snyk
Snyk
added 2025/07/09 6:30 p.m.3 views

Credential Exposure

Overview Affected versions of this package are vulnerable to Credential Exposure via the job configuration form. An attacker can obtain sensitive authentication keys by viewing the exposed values in the user interface. Remediation There is no fixed version for org.jenkins-ci.plugins:vaddy-plugin...

5.3CVSS7AI score0.00218EPSS
Exploits0References2
OSV
OSV
added 2025/07/09 4:15 p.m.6 views

CVE-2025-53669

Jenkins VAddy Plugin 1.2.8 and earlier does not mask Vaddy API Auth Keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

4.3CVSS5.8AI score0.00218EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/07/09 3:39 p.m.3 views

CVE-2025-53669

Jenkins VAddy Plugin 1.2.8 and earlier does not mask Vaddy API Auth Keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

7AI score0.00218EPSS
Exploits0References1
Rows per page
Query Builder