Lucene search
K

417 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-53384

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.01131EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-28479

Malicious code in bioql PyPI...

9.3CVSS6.3AI score0.00158EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-1201

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.01386EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-26040

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.02054EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-0383

Malicious code in bioql PyPI...

8.7CVSS6.3AI score0.00791EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-25912

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.00475EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-33356

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00715EPSS
Exploits1References2
NVD
NVD
added 2025/07/25 4:15 p.m.6 views

CVE-2025-34139

A vulnerability exists in Sitecore Experience Manager XM, Experience Platform XP, Experience Commerce XC, and Managed Cloud that could allow an unauthenticated attacker to read arbitrary files. This vulnerability affects all Experience Platform topologies XM, XP, XC from 8.0 Initial Release throu...

8.7CVSS0.00463EPSS
Exploits0References3
NVD
NVD
added 2025/07/18 8:15 p.m.7 views

CVE-2025-54310

qBittorrent before 5.1.2 does not prevent access to a local file that is referenced in a link URL. This affects rsswidget.cpp and searchjobwidget.cpp...

5.3CVSS0.00398EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/07/17 12:3 p.m.14 views

CVE-2025-7667

The Restrict File Access plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the 'restrict-file-access' page. This makes it possible for unauthenticated attackers to to delete arbitra...

8.1CVSS8AI score0.00271EPSS
Exploits0References1
CVE
CVE
added 2025/07/17 12:0 a.m.30 views

CVE-2025-53964

GoldenDict 1.5.0 and 1.5.1 are documented to expose a dangerous method that allows reading and modifying files when a user adds a crafted dictionary and then searches for any term from that dictionary. This vulnerability, described across sources (including FreeBSD VuXML and NVD/CVE records), inv...

9.6CVSS7AI score0.00427EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/14 12:0 a.m.9 views

The vulnerability of the Windows Performance Recorder (WPR) tool on Microsoft Windows operating systems allows a perpetrator to cause a service failure.

The vulnerability of the Windows Performance Recorder WPR tool on Microsoft Windows operating systems is related to the incorrect handling of symbolic links before accessing the file. Exploiting this vulnerability can allow an attacker to cause a service failure...

7.3CVSS5.5AI score0.0047EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/07/08 7:3 a.m.11 views

CVE-2025-41667 Phoenix Contact: File access due to the replacement of a critical file used by the arp-preinit script

A low privileged remote attacker with file access can replace a critical file used by the arp-preinit script to get read, write and execute access to any file on the device...

8.8CVSS0.00506EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/08 7:3 a.m.10 views

CVE-2025-41666 Phoenix Contact: File access due to the replacement of a critical file used by the watchdog

A low privileged remote attacker with file access can replace a critical file used by the watchdog to get read, write and execute access to any file on the device after the watchdog has been initialized...

8.8CVSS0.00502EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/02 7:27 p.m.2 views

CVE-2025-34076 Microweber CMS Authenticated Local File Inclusion via Backup API

An authenticated local file inclusion vulnerability exists in Microweber CMS versions = 1.2.11 through misuse of the backup management API. Authenticated users can abuse the /api/BackupV2/upload and /api/BackupV2/download endpoints to read arbitrary files from the underlying filesystem. By...

6.1CVSS6.8AI score0.01315EPSS
Exploits2References6
Vulnrichment
Vulnrichment
added 2025/07/02 9:52 a.m.6 views

CVE-2025-27025 Improper File Access in Infinera G42

The target device exposes a service on a specific TCP port with a configured endpoint. The access to that endpoint is granted using a Basic Authentication method. The endpoint accepts also the PUT method and it is possible to write files on the target device file system. Files are written as root...

8.8CVSS7AI score0.0062EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/06/29 12:0 a.m.5 views

PT-2025-27353 · Unknown · Code-Projects Simple Forum

Name of the Vulnerable Software and Affected Versions: code-projects Simple Forum version 1.0 Description: A critical issue has been discovered, affecting an unknown functionality of the file "/forum1.php". The manipulation of the File argument leads to SQL injection. This issue can be exploited...

8.8CVSS8.1AI score0.00318EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2025/06/28 12:0 a.m.5 views

PT-2025-27285 · WordPress · Beeteam368 Extensions Pro

Name of the Vulnerable Software and Affected Versions: BeeTeam368 Extensions Pro plugin for WordPress versions up to, and including, 2.3.4 Description: The issue allows authenticated attackers with Subscriber-level access and above to perform actions on files outside of the originally intended...

8.8CVSS6.6AI score0.00729EPSS
Exploits0References9
Cvelist
Cvelist
added 2025/06/23 9:25 a.m.14 views

CVE-2025-52936 Improper Link Resolution Before File Access vulnerability in yrutschle/sslh

Improper Link Resolution Before File Access 'Link Following' vulnerability in yrutschle sslh.This issue affects sslh: before 2.2.2...

9.3CVSS0.00158EPSS
Exploits0References1
CVE
CVE
added 2025/06/23 9:25 a.m.35 views

CVE-2025-52936

CVE-2025-52936 affects the sslh package (yrutschle sslh) prior to 2.2.2. Debian’s DLA-4238-1 and related advisories disclose a link-following vulnerability and fix it in Debian 11 bullseye with package version 1.20-1+deb11u1 . The vulnerability is described as an “Improp­er Link Resolution Before...

9.3CVSS6.7AI score0.00158EPSS
Exploits0References2
Rows per page
Query Builder