Lucene search
K

230 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-42087

Malicious code in bioql PyPI...

6.2CVSS6.5AI score0.00148EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-7513

Malicious code in bioql PyPI...

7.5CVSS6.3AI score0.00904EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-29288

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00508EPSS
Exploits2References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-35290

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00396EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-0024

Malicious code in bioql PyPI...

4.3CVSS4.7AI score0.01232EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-0019

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.01476EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-24151

Malicious code in bioql PyPI...

6.8CVSS6.6AI score0.00168EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/24 12:28 a.m.17 views

CVE-2025-57430

Creacast Creabox Manager 4.4.4 exposes sensitive configuration data via a publicly accessible endpoint /get. When accessed, this endpoint returns internal configuration including the creacodec.lua file, which contains plaintext admin credentials...

7.5CVSS6.8AI score0.00374EPSS
Exploits1References1
OSV
OSV
added 2025/09/22 4:15 p.m.7 views

CVE-2025-57430

Creacast Creabox Manager 4.4.4 exposes sensitive configuration data via a publicly accessible endpoint /get. When accessed, this endpoint returns internal configuration including the creacodec.lua file, which contains plaintext admin credentials...

7.5CVSS5.8AI score0.00374EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/09/12 12:0 a.m.8 views

PT-2025-37299

Name of the Vulnerable Software and Affected Versions: Digiever NVR affected versions not specified Description: Digiever NVR devices are susceptible to a sensitive information exposure issue. Unauthenticated remote attackers can access the system configuration file and obtain plaintext credentia...

10CVSS6.2AI score0.0045EPSS
Exploits0References12
OSV
OSV
added 2025/09/05 10:55 p.m.9 views

CVE-2025-58373 Roo Code: Symlink-bypass of .rooignore can lead to unintended file disclosure

Roo Code is an AI-powered autonomous coding agent that lives in users' editors. Versions 3.25.23 and below contain a vulnerability where .rooignore protections could be bypassed using symlinks. This allows an attacker with write access to the workspace to trick the extension into reading files th...

5.5CVSS6.6AI score0.00289EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/08/30 6:18 p.m.5 views

CVE-2025-36729

A non-primary administrator user with admin rights to the web interface but without shell access permissions can display configuration of the device including the master admin password. This vulnerability also allows the user to give themselves shell access with the root gid...

7.2CVSS7AI score0.00409EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/27 12:0 a.m.5 views

PT-2025-34951 · Nsfocus · Secgate3600

Name of the Vulnerable Software and Affected Versions: SecGate3600 affected versions not specified Description: SecGate3600, a network firewall product developed by NSFOCUS, contains a sensitive information disclosure issue. The vulnerable component fails to enforce authentication checks on POST...

8.7CVSS6.4AI score0.06711EPSS
Exploits1References8
RedhatCVE
RedhatCVE
added 2025/08/23 8:13 p.m.4 views

CVE-2010-20109

Barracuda products, confirmed in Spam & Virus Firewall, SSL VPN, and Web Application Firewall versions prior to October 2010, contain a path traversal vulnerability in the viewhelp.cgi endpoint. The locale parameter fails to properly sanitize user input, allowing attackers to inject traversal...

8.7CVSS7.4AI score0.01088EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/08/21 8:9 p.m.4 views

CVE-2010-20109

Barracuda products, confirmed in Spam & Virus Firewall, SSL VPN, and Web Application Firewall versions prior to October 2010, contain a path traversal vulnerability in the viewhelp.cgi endpoint. The locale parameter fails to properly sanitize user input, allowing attackers to inject traversal...

8.7CVSS6AI score0.01088EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/08/19 12:0 a.m.6 views

PT-2025-33747

Name of the Vulnerable Software and Affected Versions: EzGED3 versions prior to 3.5.72.27183 Description: EzGED3 is susceptible to an unauthenticated arbitrary file read issue stemming from inadequate access control and insufficient input validation within a web-accessible script. An attacker can...

5.3CVSS6.8AI score0.00667EPSS
Exploits1References6
Exploit DB
Exploit DB
added 2025/08/11 12:0 a.m.299 views

Cisco ISE 3.0 - Authorization Bypass

Exploit Title: Cisco ISE 3.0 - Authorization Bypass Exploit Author: @ibrahimsql ibrahimsql.com Exploit Author's github: https://github.com/ibrahmsql Description: Cisco ISE API Authorization Bypass CVE: CVE-2025-20125 Vendor Homepage: https://www.cisco.com/ Requirements: requests=2.25.0,...

9.1CVSS7.4AI score0.14982EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/07/23 12:57 a.m.9 views

CVE-2025-43720

Headwind MDM before 5.33.1 makes configuration details accessible to unauthorized users. The Configuration profile is exposed to the Observer user role, revealing the password requires to escape out of the MDM controlled device's profile...

6.5CVSS7.3AI score0.00353EPSS
Exploits0References1
NVD
NVD
added 2025/07/21 5:15 p.m.5 views

CVE-2025-43720

Headwind MDM before 5.33.1 makes configuration details accessible to unauthorized users. The Configuration profile is exposed to the Observer user role, revealing the password requires to escape out of the MDM controlled device's profile...

6.5CVSS0.00353EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/07/21 12:0 a.m.4 views

CVE-2025-43720

Headwind MDM before 5.33.1 makes configuration details accessible to unauthorized users. The Configuration profile is exposed to the Observer user role, revealing the password requires to escape out of the MDM controlled device's profile...

6.6AI score0.00353EPSS
Exploits0References3
Rows per page
Query Builder