Lucene search
+L

279 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-10045

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.0031EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-2277

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.00807EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-3317

Malicious code in bioql PyPI...

7.1CVSS6.4AI score0.00624EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-13874

Malicious code in bioql PyPI...

8CVSS6.3AI score0.00229EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-0682

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.34498EPSS
Exploits2References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-19760

Malicious code in bioql PyPI...

8.8CVSS6.3AI score0.005EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-29412

Malicious code in bioql PyPI...

6.6AI score
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-0497

Malicious code in bioql PyPI...

5.7CVSS5.3AI score0.00414EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-0790

Malicious code in bioql PyPI...

8.1CVSS8AI score0.00779EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.21 views

EUVD-2023-2058

Malicious code in bioql PyPI...

5.3CVSS5.4AI score0.00295EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-4096

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.00848EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-2137

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00979EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2023-1928

Malicious code in bioql PyPI...

3.8CVSS4.6AI score0.00569EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/07/04 2:22 p.m.20 views

CVE-2025-53106

Graylog is a free and open log management platform. In versions 6.2.0 to before 6.2.4 and 6.3.0-alpha.1 to before 6.3.0-rc.2, Graylog users can gain elevated privileges by creating and using API tokens for the local Administrator or any other user for whom the malicious user knows the ID. For the...

8.8CVSS6.2AI score0.005EPSS
Exploits0References1
NVD
NVD
added 2025/07/02 2:15 p.m.10 views

CVE-2025-53106

Graylog is a free and open log management platform. In versions 6.2.0 to before 6.2.4 and 6.3.0-alpha.1 to before 6.3.0-rc.2, Graylog users can gain elevated privileges by creating and using API tokens for the local Administrator or any other user for whom the malicious user knows the ID. For the...

8.8CVSS0.005EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/07/02 1:28 p.m.15 views

CVE-2025-53106 Graylog vulnerable to privilege escalation through API tokens

Graylog is a free and open log management platform. In versions 6.2.0 to before 6.2.4 and 6.3.0-alpha.1 to before 6.3.0-rc.2, Graylog users can gain elevated privileges by creating and using API tokens for the local Administrator or any other user for whom the malicious user knows the ID. For the...

8.8CVSS0.005EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/07/02 1:28 p.m.5 views

CVE-2025-53106 Graylog vulnerable to privilege escalation through API tokens

Graylog is a free and open log management platform. In versions 6.2.0 to before 6.2.4 and 6.3.0-alpha.1 to before 6.3.0-rc.2, Graylog users can gain elevated privileges by creating and using API tokens for the local Administrator or any other user for whom the malicious user knows the ID. For the...

8.8CVSS7.1AI score0.005EPSS
Exploits0References3
CVE
CVE
added 2025/07/02 1:28 p.m.71 views

CVE-2025-53106

Graylog grant path vulnerability affects versions 6.2.0–6.2.4 and 6.3.0-alpha.1–6.3.0-rc.2. A weak permission check in the REST API token creation process lets a user with an account issue crafted requests to create API tokens for high-privilege users (including local Administrator), enabling pri...

8.8CVSS6.5AI score0.005EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/07/02 1:28 p.m.8 views

CVE-2025-53106 Graylog vulnerable to privilege escalation through API tokens

Graylog is a free and open log management platform. In versions 6.2.0 to before 6.2.4 and 6.3.0-alpha.1 to before 6.3.0-rc.2, Graylog users can gain elevated privileges by creating and using API tokens for the local Administrator or any other user for whom the malicious user knows the ID. For the...

8.8CVSS6.2AI score0.005EPSS
Exploits0References5
Veracode
Veracode
added 2025/07/02 12:27 p.m.8 views

Privilege Escalation

Graylog is vulnerable to Privilege Escalation. The vulnerability is due to insufficient permission checks due to a flaw in the Graylog REST API that allows authenticated users to create and use API tokens for other users, such as the local Administrator, if they know the target user's ID...

8.8CVSS6.6AI score0.005EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder