Lucene search

11270 matches found

EUVD
added 2025/10/03 8:7 p.m. | 6 views

EUVD-2025-7061

Malicious code in bioql PyPI...

CVSS 8.8 | AI score 8.8 | EPSS 0.00751
Exploits: 1 | References: 2

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2022-6384

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 5.6 | EPSS 0.49102
Exploits: 0 | References: 11

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2023-2334

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 7.5 | EPSS 0.0082
Exploits: 1 | References: 4

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2025-14530

Malicious code in bioql PyPI...

CVSS 9.1 | AI score 6.3 | EPSS 0.09517
Exploits: 0 | References: 2

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2024-46291

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 6.5 | EPSS 0.00771
Exploits: 0 | References: 2

RedhatCVE
added 2025/10/03 12:48 p.m. | 6 views

CVE-2025-10244

A maliciously crafted HTML payload, when rendered by the Autodesk Fusion desktop application, can trigger a Stored Cross-site Scripting (XSS) vulnerability. A malicious actor may leverage this vulnerability to read local files or execute arbitrary code in the context of the current process...

CVSS 8.7 | AI score 6.2 | EPSS 0.00418
Exploits: 0 | References: 1

Positive Technologies
added 2025/10/03 12:0 a.m. | 5 views

PT-2025-40557

Name of the Vulnerable Software and Affected Versions: QNAP versions prior to QTS 5.2.6.3195 build 20250715; QNAP versions prior to QuTS hero h5.2.6.3195 build 20250715. Description: A path traversal issue exists in QNAP operating systems. A remote attacker with administrator privileges may be able t...

CVSS 6.9 | AI score 6.6 | EPSS 0.00518
Exploits: 0 | References: 4

SUSE CVE
added 2025/10/02 11:23 p.m. | 3 views

SUSE CVE-2025-54293

Path Traversal in the log file retrieval function in Canonical LXD 5.0 LTS on Linux allows authenticated remote attackers to read arbitrary files on the host system via crafted log file names or symbolic links...

CVSS 6.5 | AI score 6.9 | EPSS 0.00537
Exploits: 1 | References: 3

OSV
added 2025/10/02 9:21 p.m. | 1 view

GHSA-W2HG-2V4P-VMH6 Canonical LXD Arbitrary File Read via Template Injection in Snapshot Patterns

Impact: In LXD's instance snapshot creation functionality, the Pongo2 template engine is used in the snapshots.pattern configuration for generating snapshot names. While code execution functionality has not been found in this template engine, it has file reading capabilities, creating a...

CVSS 7.1 | AI score 7.8 | EPSS 0.00339
Exploits: 1 | References: 4

Snyk
added 2025/10/02 12:31 p.m. | 1 view

Files or Directories Accessible to External Parties

Overview: Affected versions of this package are vulnerable to Files or Directories Accessible to External Parties due to improper restriction of file read. An attacker can obtain sensitive information by sending crafted requests to exposed resources. Note: This is only exploitable if the attacker...

CVSS 7.5 | AI score 6.4 | EPSS 0.01262
Exploits: 0 | References: 2

Snyk
added 2025/10/02 12:31 p.m. | 4 views

Files or Directories Accessible to External Parties

Overview: org.apache.kylin:kylin-core-common is a package part of Apache Kylin. Affected versions of this package are vulnerable to Files or Directories Accessible to External Parties due to improper restriction of file read. An attacker can obtain sensitive information by sending crafted requests...

CVSS 7.5 | AI score 6.7 | EPSS 0.01262
Exploits: 0 | References: 2

Snyk
added 2025/10/02 12:31 p.m. | 2 views

Files or Directories Accessible to External Parties

Overview: Affected versions of this package are vulnerable to Files or Directories Accessible to External Parties due to improper restriction of file read. An attacker can obtain sensitive information by sending crafted requests to exposed resources. Note: This is only exploitable if the attacker...

CVSS 7.5 | AI score 6.7 | EPSS 0.01262
Exploits: 0 | References: 2

Cvelist
added 2025/10/02 10:43 a.m. | 7 views

CVE-2025-54293 Path Traversal in LXD Instance Log File Retrieval

Path Traversal in the log file retrieval function in Canonical LXD 5.0 LTS on Linux allows authenticated remote attackers to read arbitrary files on the host system via crafted log file names or symbolic links...

CVSS 7.1 | EPSS 0.00537
Exploits: 1 | References: 1

NVD
added 2025/10/02 10:15 a.m. | 4 views

CVE-2025-54287

Template Injection in instance snapshot creation component in Canonical LXD = 4.0 allows an attacker with instance configuration permissions to read arbitrary files on the host system via specially crafted snapshot pattern templates using the Pongo2 template engine...

CVSS 7.1 | EPSS 0.00339
Exploits: 1 | References: 1

OSV
added 2025/10/02 10:15 a.m. | 3 views

CVE-2025-54287

Template Injection in instance snapshot creation component in Canonical LXD = 4.0 allows an attacker with instance configuration permissions to read arbitrary files on the host system via specially crafted snapshot pattern templates using the Pongo2 template engine...

CVSS 6.5 | AI score 7.1
Exploits: 0 | References: 1

Vulnrichment
added 2025/10/02 9:47 a.m. | 2 views

CVE-2025-61734 Apache Kylin: improper restriction of file read

Files or Directories Accessible to External Parties vulnerability in Apache Kylin. You are fine as long as the Kylin's system and project admin access is well protected. This issue affects Apache Kylin: from 4.0.0 through 5.0.2. Users are recommended to upgrade to version 5.0.3, which fixes the...

AI score 6.6 | EPSS 0.01262
Exploits: 0 | References: 1

Cvelist
added 2025/10/02 9:47 a.m. | 5 views

CVE-2025-61734 Apache Kylin: improper restriction of file read

Files or Directories Accessible to External Parties vulnerability in Apache Kylin. You are fine as long as the Kylin's system and project admin access is well protected. This issue affects Apache Kylin: from 4.0.0 through 5.0.2. Users are recommended to upgrade to version 5.0.3, which fixes the...

EPSS 0.01262
Exploits: 0 | References: 1

CVE
added 2025/10/02 9:47 a.m. | 15 views

CVE-2025-61734

CVE-2025-61734 affects Apache Kylin (versions 4.0.0 through 5.0.2). The issue is an information-disclosure vulnerability caused by inadequate protection of sensitive information, allowing files or directories to be accessible to external parties. The vulnerability is addressed by upgrading to Apa...

CVSS 7.5 | AI score 6.6 | EPSS 0.01262
Exploits: 0 | References: 2 | Affected Software: 1

Vulnrichment
added 2025/10/02 9:16 a.m. | 1 view

CVE-2025-54287 Arbitrary File Read via Template Injection in Snapshot Patterns

Template Injection in instance snapshot creation component in Canonical LXD = 4.0 allows an attacker with instance configuration permissions to read arbitrary files on the host system via specially crafted snapshot pattern templates using the Pongo2 template engine...

CVSS 7.1 | AI score 6.7 | EPSS 0.00339
Exploits: 1 | References: 1

Cvelist
added 2025/10/02 9:16 a.m. | 6 views

CVE-2025-54287 Arbitrary File Read via Template Injection in Snapshot Patterns

Template Injection in instance snapshot creation component in Canonical LXD = 4.0 allows an attacker with instance configuration permissions to read arbitrary files on the host system via specially crafted snapshot pattern templates using the Pongo2 template engine...

CVSS 7.1 | EPSS 0.00339
Exploits: 1 | References: 1