Lucene search
K

7 matches found

Cvelist
Cvelist
added 2026/03/02 11:16 a.m.21 views

CVE-2025-58405 Lack of protection mechanisms against Clickjacking attacks

The CGM CLININET application does not implement any mechanisms that prevent clickjacking attacks, neither HTTP security headers nor HTML-based frame‑busting protections were detected. As a result, an attacker can embed the application inside a maliciously crafted IFRAME and trick users into...

5.3CVSS0.00172EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.4 views

MiracleLinux 7 : firefox-128.12.0-1.0.1.el7.AXS7 (AXSA:2025-10426:21)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-10426:21 advisory. firefox: Content-Disposition header ignored when a file is included in an embed or object tag CVE-2025-6430 firefox: Use-after-free in FontFaceSet...

9.8CVSS6.5AI score0.03057EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/10/27 10:8 a.m.18 views

CVE-2025-8432 CentreonBI user account on the MBI server can execute commands as root by modifying script runned by the CRON

Incorrect Default Permissions vulnerability in Centreon Infra Monitoring MBI modules allows Embedding Scripts within Scripts by CentreonBI user account on the MBI server This issue affects Infra Monitoring: from 24.10.0 before 24.10.6, from 24.04.0 before 24.04.9, from 23.10.0 before 23.10.15...

8.4CVSS0.00378EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2024-3153

Malicious code in bioql PyPI...

8.8CVSS6.3AI score0.00792EPSS
Exploits1References6
NVD
NVD
added 2025/02/11 11:15 a.m.6 views

CVE-2025-0513

In affected versions of Octopus Server error messages were handled unsafely on the error page. If an adversary could control any part of the error message they could embed code which may impact the user viewing the error message...

5.4CVSS0.00225EPSS
Exploits0References1
PyPA
PyPA
added 2021/09/17 8:15 p.m.6 views

PYSEC-2021-322

Wasmtime is an open source runtime for WebAssembly & WASI. Wasmtime before version 0.30.0 is affected by a type confusion vulnerability. As a Rust library the wasmtime crate clearly marks which functions are safe and which are unsafe, guaranteeing that if consumers never use unsafe then it should...

6.3CVSS7.3AI score0.00295EPSS
Exploits0References3Affected Software1
Packet Storm
Packet Storm
added 2002/04/02 12:0 a.m.35 views

guninski-53.txt

Georgi Guninski security advisory 53, 2002 More Office XP problems Systems affected: Office XP Risk: High Date: 31 March 2002 Legal Notice: This Advisory is Copyright c 2002 Georgi Guninski. You may distribute it unmodified. You may not modify it and distribute it or distribute parts of it withou...

7.4AI score
Exploits0
Rows per page
Query Builder