Lucene search
+L

92 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2012-3697

Malware in sbrugna...

3.6CVSS6.3AI score0.00371EPSS
Exploits0References6
euvd
euvd
added 2025/10/07 12:30 a.m.12 views

EUVD-2017-14312

Malware in sbrugna...

9CVSS9AI score0.01937EPSS
Exploits0References10
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-3133

Malware in sbrugna...

5.5CVSS7.3AI score0.00331EPSS
Exploits0References8
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2003-1004

Malware in sbrugna...

7.5CVSS6.4AI score0.02446EPSS
Exploits0References4
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2013-0991

Malware in sbrugna...

2.1CVSS6.2AI score0.00364EPSS
Exploits0References3
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-35556

Malicious code in bioql PyPI...

10CVSS9.2AI score0.00764EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-36674

Malicious code in bioql PyPI...

7.3CVSS7.5AI score0.00774EPSS
Exploits0References1
thn
thn
added 2025/10/01 5:20 p.m.5 views

New WireTap Attack Extracts Intel SGX ECDSA Key via DDR4 Memory-Bus Interposer

In yet another piece of research, academics from Georgia Institute of Technology and Purdue University have demonstrated that the security guarantees offered by Intel's Software Guard eXtensions SGX can be bypassed on DDR4 systems to passively decrypt sensitive data. SGX is designed as a hardware...

6.6AI score
Exploits0
nvd
nvd
added 2025/09/23 2:15 a.m.6 views

CVE-2025-9495

The Vitogate 300 web interface fails to enforce proper server-side authentication and relies on frontend-based authentication controls. This allows an attacker to simply modify HTML elements in the browser’s developer tools to bypass login restrictions. By removing specific UI elements, an attack...

8.7CVSS0.00292EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/09/05 12:34 a.m.12 views

CVE-2025-56689

One Identity by Quest Safeguard for Privileged Passwords Appliance 7.5.1.20903 is vulnerable to One Time Password OTP/Multifactor Authentication MFA bypass using response manipulation. An attacker who intercepts or captures a valid OTP response can bypass the OTP verification step by replaying th...

4.6CVSS7AI score0.01269EPSS
Exploits1References1
cnnvd
cnnvd
added 2025/08/20 12:0 a.m.4 views

Liferay Portal和Liferay DXP 代码问题漏洞

Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

6.5CVSS6.8AI score0.00287EPSS
Exploits0References3
redhatcve
redhatcve
added 2025/08/02 8:23 p.m.5 views

CVE-2025-49082

CVE-2025-49082 is a vulnerability in the management console of Absolute Secure Access prior to version 13.56. Attackers with administrative access to the console and who have been assigned a certain set of permissions can bypass those permissions to improperly read other settings. The attack...

5.1CVSS6.4AI score0.00221EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 9:9 a.m.4 views

CVE-2024-5868

The WooCommerce - Social Login plugin for WordPress is vulnerable to Email Verification in all versions up to, and including, 2.6.2 via the use of insufficiently random activation code. This makes it possible for unauthenticated attackers to bypass the email verification...

6.5CVSS6.2AI score0.00313EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 8:15 a.m.6 views

CVE-2024-9820

The WP 2FA with Telegram plugin for WordPress is vulnerable to Two-Factor Authentication Bypass in versions up to, and including, 3.0. This is due to the two-factor code being stored in a cookie, which makes it possible to bypass two-factor authentication...

7.5CVSS6.3AI score0.00391EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 5:38 a.m.6 views

CVE-2023-26047

teler-waf is a Go HTTP middleware that provides teler IDS functionality to protect against web-based attacks. In teler-waf prior to version v0.2.0 is vulnerable to a bypass attack when a specific case-sensitive hex entities payload with special characters such as CR/LF and horizontal tab is used...

6.5CVSS6.3AI score0.00516EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 4:0 p.m.7 views

CVE-2020-14158

The ABUS Secvest FUMO50110 hybrid module does not have any security mechanism that ensures confidentiality or integrity of RF packets that are exchanged with an alarm panel. This makes it easier to conduct wAppLoxx authentication-bypass attacks...

9.1CVSS6.9AI score0.01842EPSS
Exploits1
ibm
ibm
added 2025/04/29 1:54 a.m.72 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM® DB2® shipped with IBM PureData System for Operational Analytics

Summary IBM® DB2® is shipped as a component of IBM PureData System for Operational Analytics. Information about security vulnerabilities affecting IBM DB2 have been published in a security bulletin. Vulnerability Details CVEID:CVE-2017-12973 DESCRIPTION: Connect2id Nimbus JOSE+JWT could provide...

9.3CVSS10AI score0.87806EPSS
Exploits2Affected Software1
ptsecurity
ptsecurity
added 2025/04/08 12:0 a.m.4 views

PT-2025-15493 · Microsoft · Windows Shell +1

Name of the Vulnerable Software and Affected Versions: Windows Hello affected versions not specified Description: A security-feature bypass issue exists, allowing an authorized attacker to bypass a security feature. This could potentially affect the system. Recommendations: At the moment, there i...

8.5CVSS6.7AI score0.01407EPSS
Exploits0References8
cnnvd
cnnvd
added 2025/04/08 12:0 a.m.3 views

Microsoft Windows Kerberos 安全漏洞

Microsoft Windows Kerberos is a software for authentication in network clusters from Microsoft Corporation USA.Kerberos also serves as a network authentication protocol designed to provide strong authentication services to client/server applications through a key system. A security vulnerability...

7.1CVSS8.3AI score0.04073EPSS
Exploits0References2
cve
cve
added 2025/03/13 12:0 a.m.54 views

CVE-2024-53406

CVE-2024-53406 affects Espressif ESP-IDF v5.3.0. The issue is described as insecure permissions that enable authentication bypass, with the reconnection phase reusing a prior session key, creating a foothold for security bypass attacks. The documented CVSS v3.1 base score is 8.8 (HIGH) with netwo...

8.8CVSS7.4AI score0.00594EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder