Lucene search
+L

47 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2011-4270

Malware in sbrugna...

7.8CVSS7.6AI score0.004EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-8207

Malware in sbrugna...

6.4CVSS4.2AI score0.04189EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-39679

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00201EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-49249

Malicious code in bioql PyPI...

7.1CVSS8.9AI score0.00215EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/18 11:54 a.m.7 views

CVE-2024-10031

In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cross-site Scripting attacks by modifying the configuration file in the underlying operating system...

5.8CVSS6AI score0.00161EPSS
Exploits0References1
OSV
OSV
added 2025/07/16 11:2 a.m.4 views

CVE-2024-10031

In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cross-site Scripting attacks by modifying the configuration file in the underlying operating system...

5.8CVSS6AI score0.00161EPSS
Exploits0References3
NVD
NVD
added 2025/06/19 6:15 p.m.8 views

CVE-2025-33117

IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 could allow a privileged user to modify configuration files that would allow the upload of a malicious autoupdate file to execute arbitrary commands...

9.1CVSS0.0047EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/19 5:16 p.m.14 views

CVE-2025-33117 IBM QRadar SIEM command execution

IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 could allow a privileged user to modify configuration files that would allow the upload of a malicious autoupdate file to execute arbitrary commands...

9.1CVSS0.0047EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:20 p.m.11 views

CVE-2021-24040

Due to use of unsafe YAML deserialization logic, an attacker with the ability to modify local YAML configuration files could provide malicious input, resulting in remote code execution or similar risks. This issue affects ParlAI prior to v1.1.0...

9.8CVSS7.5AI score0.17353EPSS
Exploits4References1
Vulnrichment
Vulnrichment
added 2025/01/15 12:0 a.m.6 views

CVE-2024-52783

Insecure permissions in the XNetSocketClient component of XINJE XDPPro.exe v3.2.2 to v3.7.17c allows attackers to execute arbitrary code via modification of the configuration file...

7.5AI score0.00172EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/15 12:0 a.m.12 views

CVE-2024-52783

Insecure permissions in the XNetSocketClient component of XINJE XDPPro.exe v3.2.2 to v3.7.17c allows attackers to execute arbitrary code via modification of the configuration file...

0.00172EPSS
Exploits0References1
CVE
CVE
added 2025/01/15 12:0 a.m.53 views

CVE-2024-52783

This CVE affects XINJE XDPPro.exe, where versions 3.2.2 through 3.7.17c have insecure permissions in the XNetSocketClient component. The underlying issue is improper access controls on the configuration file, enabling an attacker to modify it and achieve arbitrary code execution. Evidence from mu...

5.1CVSS7.5AI score0.00172EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/10/18 2:46 a.m.9 views

CVE-2022-22248 Junos OS Evolved: Incorrect file permissions can allow low-privileged user to cause another user to execute arbitrary commands

An Incorrect Permission Assignment vulnerability in shell processing of Juniper Networks Junos OS Evolved allows a low-privileged local user to modify the contents of a configuration file which could cause another user to execute arbitrary commands within the context of the follow-on user's...

7.3CVSS7.3AI score0.00182EPSS
Exploits0References1
OSV
OSV
added 2022/05/24 5:0 p.m.13 views

GHSA-6VC8-3XF2-QRXX Magento 2 Community Edition RCE Vulnerability

In Magento prior to 1.9.4.3, Magento prior to 1.14.4.3, Magento 2.2 prior to 2.2.10, and Magento 2.3 prior to 2.3.3 or 2.3.2-p1, an authenticated user with administrative privileges for the import feature can execute arbitrary code through a race condition that allows webserver configuration file...

6.6CVSS6.7AI score0.00851EPSS
Exploits0References3
OSV
OSV
added 2022/05/24 4:52 p.m.35 views

GHSA-3H69-4FRW-G2JM Magento 2 Community Unrestricted File Upload

A file upload restriction bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges to the import feature can make modifications to a configuration file, resulting in potentially unauthorized removal o...

7.2CVSS7.3AI score0.02421EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/11/27 12:0 a.m.61 views

phpMyAdmin 4.0.x < 4.0.10.10 / 4.2.x < 4.2.13.3 / 4.3.x < 4.3.13.1 / 4.4.x < 4.4.6.1 Multiple Vulnerabilities (PMASA-2015-2, PMASA-2015-3)

According to its self-reported version, the phpMyAdmin application hosted on the remote web server is 4.0.x prior to 4.0.10.10, 4.2.x prior to 4.2.13.3, 4.3.x prior to 4.3.13.1, or 4.4.x prior to 4.4.6.1. It is, therefore, affected by multiple vulnerabilities. - Multiple cross-site request forger...

6.8CVSS8.1AI score0.01597EPSS
Exploits1References4
NVD
NVD
added 2020/10/02 1:15 p.m.24 views

CVE-2020-18185

class.plx.admin.php in PluXml 5.7 allows attackers to execute arbitrary PHP code by modify the configuration file in a linux environment...

9.8CVSS0.01771EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2020/10/02 12:50 p.m.55 views

CVE-2020-18185

Removed by vendor...

9.8CVSS9.4AI score0.01771EPSS
Exploits1
Prion
Prion
added 2019/08/02 10:15 p.m.15 views

Unrestricted file upload

A file upload restriction bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges to the import feature can make modifications to a configuration file, resulting in potentially unauthorized removal o...

9CVSS7.2AI score0.02421EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2015/05/26 3:59 p.m.5 views

DEBIAN-CVE-2015-3902

Multiple cross-site request forgery CSRF vulnerabilities in the setup process in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 allow remote attackers to hijack the authentication of administrators for requests that modify the configurati...

6.8CVSS9.8AI score0.01087EPSS
Exploits0References1
Rows per page
Query Builder