Lucene search
K

179 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2011-2662

Malware in sbrugna...

10CVSS6.4AI score0.01769EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-8033

Malware in sbrugna...

6.1CVSS6.7AI score0.00739EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-4825

Malware in sbrugna...

4.3CVSS6.4AI score0.01279EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-14515

Malware in sbrugna...

5.4CVSS5.6AI score0.00354EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-37266

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00409EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-51739

Malicious code in bioql PyPI...

5.3CVSS6.4AI score0.00357EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-29836

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00476EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-36383

Malicious code in bioql PyPI...

5.3CVSS5.7AI score0.00354EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-28307

Malicious code in bioql PyPI...

5.3CVSS5.4AI score0.00938EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-54412

Malicious code in bioql PyPI...

6.3CVSS6.6AI score0.00422EPSS
Exploits0References1
Snyk
Snyk
added 2025/06/25 6:41 p.m.4 views

External Control of File Name or Path

Overview ServiceStack.Text is a set of JSON, JSV and CSV text serializers Affected versions of this package are vulnerable to External Control of File Name or Path in the url parameter to the GetErrorResponse method. An attacker can relay NTLM credentials in the context of the current user by...

8.2CVSS6.6AI score0.00394EPSS
Exploits0References2
OSV
OSV
added 2025/06/25 5:41 p.m.7 views

CVE-2025-6444 ServiceStack GetErrorResponse Improper Input Validation NTLM Relay Vulnerability

ServiceStack GetErrorResponse Improper Input Validation NTLM Relay Vulnerability. This vulnerability allows remote attackers to relay NTLM credentials on affected installations of ServiceStack. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...

5.9CVSS6AI score0.00394EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/06/25 12:0 a.m.5 views

ServiceStack 输入验证错误漏洞

ServiceStack is an API for building high-performance web services from ServiceStack, Inc. An input validation error vulnerability exists in ServiceStack that stems from the GetErrorResponse method not properly validating user input, which could lead to an NTLM credential relay attack...

5.9CVSS5.8AI score0.00394EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 9:30 a.m.9 views

CVE-2024-38322

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. IBM X-Force ID: 294869...

7.5CVSS6.6AI score0.00409EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 6:47 p.m.4 views

CVE-2021-41271

Discourse is a platform for community discussion. In affected versions a maliciously crafted request could cause an error response to be cached by intermediate proxies. This could cause a loss of confidentiality for some content. This issue is patched in the latest stable, beta and tests-passed...

5.3CVSS6.6AI score0.00938EPSS
Exploits0
Cvelist
Cvelist
added 2025/04/23 10:43 a.m.16 views

CVE-2025-42604 Detailed Error Response Vulnerability in Meon KYC solutions

This vulnerability exists in Meon KYC solutions due to debug mode is enabled in certain API endpoints. A remote attacker could exploit this vulnerability by accessing certain unauthorized API endpoints leading to detailed error messages as response leading to disclosure of system related...

6.9CVSS0.00392EPSS
Exploits0References1
Veracode
Veracode
added 2025/04/14 4:10 a.m.13 views

Information Disclosure

api-platform/core is vulnerable to Information disclosure. The vulnerability is due to improper handling of exception messages, where non-HTTP exceptions are not sanitized and are directly included in the JSON error response, allows potentially sensitive internal information to be exposed to...

5.3CVSS6.2AI score0.00357EPSS
Exploits0References5Affected Software1
RedhatCVE
RedhatCVE
added 2025/04/05 5:23 p.m.29 views

CVE-2023-47639

API Platform Core is a system to create hypermedia-driven REST and GraphQL APIs. From 3.2.0 until 3.2.4, exception messages, that are not HTTP exceptions, are visible in the JSON error response. This vulnerability is fixed in 3.2.5...

5.3CVSS7AI score0.00357EPSS
Exploits0References5
NVD
NVD
added 2025/04/03 5:15 p.m.32 views

CVE-2023-47639

API Platform Core is a system to create hypermedia-driven REST and GraphQL APIs. From 3.2.0 until 3.2.4, exception messages, that are not HTTP exceptions, are visible in the JSON error response. This vulnerability is fixed in 3.2.5...

5.3CVSS0.00357EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/04/03 4:46 p.m.23 views

CVE-2023-47639 API Platform Core can leak exceptions message that may contain sensitive information

API Platform Core is a system to create hypermedia-driven REST and GraphQL APIs. From 3.2.0 until 3.2.4, exception messages, that are not HTTP exceptions, are visible in the JSON error response. This vulnerability is fixed in 3.2.5...

5.3CVSS0.00357EPSS
Exploits0References3
Rows per page
Query Builder