Lucene search
K

778 matches found

CNNVD
CNNVD
added 2025/10/29 12:0 a.m.3 views

MLflow 路径遍历漏洞

MLflow is an open source platform from MLflow that simplifies machine learning development, including tracking experiments, packaging code into repeatable runs, and sharing and deploying models. MLflow suffers from a path traversal vulnerability that stems from improper handling of model file...

9.8CVSS8.3AI score0.27133EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/10/24 12:40 a.m.9 views

CVE-2025-54966

An issue was discovered in BAE SOCET GXP before 4.6.0.2. Some endpoints on the SOCET GXP Job Status Service may return sensitive information in certain situations, including local file paths and SOCET GXP version information...

4.3CVSS6.4AI score0.00217EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/23 9:31 p.m.3 views

EUVD-2025-35710

An issue was discovered in BAE SOCET GXP before 4.6.0.2. Some endpoints on the SOCET GXP Job Status Service may return sensitive information in certain situations, including local file paths and SOCET GXP version information...

5.1CVSS5.8AI score0.00217EPSS
Exploits0References3
OSV
OSV
added 2025/10/23 8:15 p.m.5 views

CVE-2025-54966

An issue was discovered in BAE SOCET GXP before 4.6.0.2. Some endpoints on the SOCET GXP Job Status Service may return sensitive information in certain situations, including local file paths and SOCET GXP version information...

4.3CVSS5.8AI score0.00217EPSS
Exploits0References2
NVD
NVD
added 2025/10/23 8:15 p.m.5 views

CVE-2025-54966

An issue was discovered in BAE SOCET GXP before 4.6.0.2. Some endpoints on the SOCET GXP Job Status Service may return sensitive information in certain situations, including local file paths and SOCET GXP version information...

4.3CVSS0.00217EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/23 12:0 a.m.6 views

CVE-2025-54966

An issue was discovered in BAE SOCET GXP before 4.6.0.2. Some endpoints on the SOCET GXP Job Status Service may return sensitive information in certain situations, including local file paths and SOCET GXP version information...

0.00217EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/23 12:0 a.m.2 views

BAE Systems SOCET GXP 安全漏洞

BAE Systems SOCET GXP is a high-end geographic information image analysis and mapping software from BAE Systems. A security vulnerability exists in BAE Systems SOCET GXP versions prior to 4.6.0.2, which stems from the possibility that certain endpoints may return sensitive information, including...

4.3CVSS6.2AI score0.00217EPSS
Exploits0References3
CVE
CVE
added 2025/10/23 12:0 a.m.14 views

CVE-2025-54966

CVE-2025-54966 affects BAE Systems SOCET GXP prior to 4.6.0.2. The SOCET GXP Job Status Service endpoints may disclose sensitive information in certain situations, including local file paths and SOCET GXP version information. This is documented across NVD, Red Hat, EUVD/ENISA, and other feeds. No...

4.3CVSS6AI score0.00217EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/10/23 12:0 a.m.2 views

CVE-2025-54966

An issue was discovered in BAE SOCET GXP before 4.6.0.2. Some endpoints on the SOCET GXP Job Status Service may return sensitive information in certain situations, including local file paths and SOCET GXP version information...

6AI score0.00217EPSS
Exploits0References2
Veracode
Veracode
added 2025/10/16 7:11 a.m.9 views

Information Disclosure

typo3/cms-core is vulnerable to Information Disclosure. The vulnerability is due to improper handling of error messages in the File Abstraction Layer, which exposes full file paths during failed file-system operations, allowing an attacker to disclose sensitive system information...

5.3CVSS6.7AI score0.00214EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2025/10/14 5:16 p.m.5 views

CVE-2025-59292

External control of file name or path in Confidential Azure Container Instances allows an authorized attacker to elevate privileges locally...

8.2CVSS0.00401EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/11 10:31 a.m.5 views

CVE-2025-52625

A vulnerability Cacheable SSL Page Found vulnerability has been identified in HCL AION. Cached data may expose credentials, system identifiers, or internal file paths to attackers with access to the device or browser This issue affects AION: 2.0...

3.7CVSS6.7AI score0.00218EPSS
Exploits0References1
Veracode
Veracode
added 2025/10/10 1:18 p.m.8 views

XML Injection

io.minio:minio is vulnerable to XML Injection. The vulnerability is due to automatic substitution of XML tag values containing system property or environment variable references during processing, which allows an attacker to craft malicious XML input that exposes sensitive information such as...

8.7CVSS6.5AI score0.00458EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2025/10/10 11:15 a.m.3 views

CVE-2025-52625

A vulnerability Cacheable SSL Page Found vulnerability has been identified in HCL AION. Cached data may expose credentials, system identifiers, or internal file paths to attackers with access to the device or browser This issue affects AION: 2.0...

7.5CVSS0.00218EPSS
Exploits0References1
OSV
OSV
added 2025/10/10 11:15 a.m.3 views

CVE-2025-52625

A vulnerability Cacheable SSL Page Found vulnerability has been identified in HCL AION. Cached data may expose credentials, system identifiers, or internal file paths to attackers with access to the device or browser This issue affects AION: 2.0...

7.5CVSS5.7AI score0.00218EPSS
Exploits0References1
CVE
CVE
added 2025/10/10 10:28 a.m.14 views

CVE-2025-52625

CVE-2025-52625 affects HCL AION 2.0. A vulnerability described as a Cacheable SSL Page Found issue could allow attackers with access to the device or browser to view cached data, exposing credentials, system identifiers, or internal file paths. Root cause specifics, affected components beyond the...

7.5CVSS6.4AI score0.00218EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/10/10 10:28 a.m.3 views

CVE-2025-52625 HCL AION is susceptible to Cacheable SSL Page Found vulnerability

A vulnerability Cacheable SSL Page Found vulnerability has been identified in HCL AION. Cached data may expose credentials, system identifiers, or internal file paths to attackers with access to the device or browser This issue affects AION: 2.0...

3.7CVSS6.4AI score0.00218EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/10 10:28 a.m.7 views

CVE-2025-52625 HCL AION is susceptible to Cacheable SSL Page Found vulnerability

A vulnerability Cacheable SSL Page Found vulnerability has been identified in HCL AION. Cached data may expose credentials, system identifiers, or internal file paths to attackers with access to the device or browser This issue affects AION: 2.0...

3.7CVSS0.00218EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/10 10:28 a.m.4 views

EUVD-2025-33697

A vulnerability Cacheable SSL Page Found vulnerability has been identified in HCL AION. Cached data may expose credentials, system identifiers, or internal file paths to attackers with access to the device or browser This issue affects AION: 2.0...

3.7CVSS6.3AI score0.00218EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/10 12:0 a.m.4 views

PT-2025-41545

Name of the Vulnerable Software and Affected Versions HCL AION version 2.0 Description A security issue has been identified in HCL AION where cached data may expose credentials, system identifiers, or internal file paths to attackers with access to the device or browser. Recommendations At the...

3.7CVSS6.2AI score0.00218EPSS
Exploits0References5
Rows per page
Query Builder