Lucene search
K

517 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-1135

Malicious code in bioql PyPI...

5.4CVSS5.5AI score0.00497EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-4230

Malicious code in bioql PyPI...

8.8CVSS8.7AI score0.00499EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-4927

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00923EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-2699

Malicious code in bioql PyPI...

5.3CVSS5.5AI score0.00298EPSS
Exploits0References7
Veracode
Veracode
added 2025/09/25 6:47 a.m.6 views

Improper Access Control

contao/contao is vulnerable to Improper Access Control. The vulnerability is due to protected content elements rendered as fragments being indexed in the front-end search, which allows an attacker to access sensitive content publicly...

5.3CVSS6.6AI score0.00266EPSS
Exploits0References5Affected Software2
Veracode
Veracode
added 2025/09/25 6:29 a.m.5 views

Improper Access Control

contao/contao is vulnerable to improper access control. The vulnerability is due to the table access voter in the back end not checking if a user is allowed to access the corresponding module, which allows an attacker to gain unauthorized access to restricted modules...

4.3CVSS7.1AI score0.00225EPSS
Exploits0References5Affected Software2
Veracode
Veracode
added 2025/09/25 5:59 a.m.7 views

Improper Access Control

contao/contao is vulnerable to Improper Access Control. The vulnerability is due to news feeds not filtering protected news archives, which allows an attacker to access and view restricted news items through the public RSS feed...

5.3CVSS6.7AI score0.00281EPSS
Exploits0References5Affected Software2
RedhatCVE
RedhatCVE
added 2025/08/30 6:19 p.m.7 views

CVE-2025-57759

Contao is an Open Source CMS. In versions starting from 5.3.0 and prior to 5.3.38 and 5.6.1, under certain conditions, back end users may be able to edit fields of pages and articles without having the necessary permissions. This issue has been patched in versions 5.3.38 and 5.6.1. There are no...

4.3CVSS6.5AI score0.00225EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/30 6:19 p.m.6 views

CVE-2025-57758

Contao is an Open Source CMS. In versions starting from 5.0.0 and prior to 5.3.38 and 5.6.1, the table access voter in the back end doesn't check if a user is allowed to access the corresponding module. This issue has been patched in versions 5.3.38 and 5.6.1. A workaround involves not relying...

4.3CVSS6.5AI score0.00225EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/30 6:19 p.m.5 views

CVE-2025-57757

Contao is an Open Source CMS. In versions starting from 5.0.0 and prior to 5.3.38 and 5.6.1, if a news feed contains protected news archives, their news items are not filtered and become publicly available in the RSS feed. This issue has been patched in versions 5.3.38 and 5.6.1. A workaround...

5.3CVSS6.5AI score0.00281EPSS
Exploits0References1
NVD
NVD
added 2025/08/28 5:15 p.m.5 views

CVE-2025-57756

Contao is an Open Source CMS. In versions starting from 4.9.14 and prior to 4.13.56, 5.3.38, and 5.6.1, protected content elements that are rendered as fragments are indexed and become publicly available in the front end search. This issue has been patched in versions 4.13.56, 5.3.38, and 5.6.1. ...

5.3CVSS0.00266EPSS
Exploits0References3
NVD
NVD
added 2025/08/28 5:15 p.m.5 views

CVE-2025-57759

Contao is an Open Source CMS. In versions starting from 5.3.0 and prior to 5.3.38 and 5.6.1, under certain conditions, back end users may be able to edit fields of pages and articles without having the necessary permissions. This issue has been patched in versions 5.3.38 and 5.6.1. There are no...

4.3CVSS0.00225EPSS
Exploits0References3
NVD
NVD
added 2025/08/28 5:15 p.m.7 views

CVE-2025-57758

Contao is an Open Source CMS. In versions starting from 5.0.0 and prior to 5.3.38 and 5.6.1, the table access voter in the back end doesn't check if a user is allowed to access the corresponding module. This issue has been patched in versions 5.3.38 and 5.6.1. A workaround involves not relying...

4.3CVSS0.00225EPSS
Exploits0References3
NVD
NVD
added 2025/08/28 5:15 p.m.12 views

CVE-2025-57757

Contao is an Open Source CMS. In versions starting from 5.0.0 and prior to 5.3.38 and 5.6.1, if a news feed contains protected news archives, their news items are not filtered and become publicly available in the RSS feed. This issue has been patched in versions 5.3.38 and 5.6.1. A workaround...

5.3CVSS0.00281EPSS
Exploits0References3
Snyk
Snyk
added 2025/08/28 4:46 p.m.4 views

Incorrect Authorization

Overview contao/core-bundle is an Open Source PHP Content Management System for people who want a professional website that is easy to maintain. Affected versions of this package are vulnerable to Incorrect Authorization due to table access voter improper verification of a user permissions to...

5.3CVSS6.9AI score0.00225EPSS
Exploits0References2
Snyk
Snyk
added 2025/08/28 4:46 p.m.4 views

Incorrect Authorization

Overview contao/core-bundle is an Open Source PHP Content Management System for people who want a professional website that is easy to maintain. Affected versions of this package are vulnerable to Incorrect Authorization in the page and article edit fields. An attacker can modify content without...

5.4CVSS6.9AI score0.00225EPSS
Exploits0References2
Snyk
Snyk
added 2025/08/28 4:46 p.m.5 views

Incorrect Authorization

Overview contao/core-bundle is an Open Source PHP Content Management System for people who want a professional website that is easy to maintain. Affected versions of this package are vulnerable to Incorrect Authorization in the fragments rendering process. An attacker can access sensitive...

6.9CVSS6.7AI score0.00266EPSS
Exploits0References2
Snyk
Snyk
added 2025/08/28 4:46 p.m.7 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization due to improper filtering protected news archives. An attacker can access sensitive information by retrieving protected news items that are unintentionally included in the public RSS feed. Workaround This...

6.9CVSS6.7AI score0.00281EPSS
Exploits0References2
OSV
OSV
added 2025/08/28 4:32 p.m.25 views

CVE-2025-57759 Contao has improper privilege management for page and article fields

Contao is an Open Source CMS. In versions starting from 5.3.0 and prior to 5.3.38 and 5.6.1, under certain conditions, back end users may be able to edit fields of pages and articles without having the necessary permissions. This issue has been patched in versions 5.3.38 and 5.6.1. There are no...

4.3CVSS6.4AI score0.00225EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/08/28 4:32 p.m.14 views

CVE-2025-57759 Contao has improper privilege management for page and article fields

Contao is an Open Source CMS. In versions starting from 5.3.0 and prior to 5.3.38 and 5.6.1, under certain conditions, back end users may be able to edit fields of pages and articles without having the necessary permissions. This issue has been patched in versions 5.3.38 and 5.6.1. There are no...

4.3CVSS0.00225EPSS
Exploits0References3
Rows per page
Query Builder