Lucene search
K

124 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-12381

Malicious code in bioql PyPI...

6.1CVSS6.6AI score0.00109EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-24404

Malicious code in bioql PyPI...

8.2CVSS6.5AI score0.00567EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-30982

Malicious code in bioql PyPI...

8.2CVSS7.7AI score0.0069EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-15240

Malicious code in bioql PyPI...

5.5CVSS5.7AI score0.00168EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/12 2:5 a.m.4 views

CVE-2025-42943 Information Disclosure in SAP GUI for Windows

SAP GUI for Windows may allow the leak of NTML hashes when specific ABAP frontend services are called with UNC paths. For a successful attack, the attacker needs developer authorization in a specific Application Server ABAP to make changes in the code, and the victim needs to execute by using SAP...

4.5CVSS7.3AI score0.00289EPSS
Exploits0References2
Veracode
Veracode
added 2025/08/07 12:37 p.m.4 views

Sensitive Information Disclosure

Opencast is vulnerable to Sensitive Information Disclosure. The vulnerability is due to exposure of hashed credentials due to incorrect handling of global system account credentials when fetching mediapackage elements, allowing attackers with ingest permissions to exfiltrate them to an external U...

6.5CVSS6AI score0.00353EPSS
Exploits0References6Affected Software4
RedhatCVE
RedhatCVE
added 2025/07/28 4:32 a.m.7 views

CVE-2025-54380

Opencast is a free, open-source platform to support the management of educational audio and video content. Prior to version 17.6, Opencast would incorrectly send the hashed global system account credentials ie: org.opencastproject.security.digest.user and org.opencastproject.security.digest.pass...

6.5CVSS6.9AI score0.00353EPSS
Exploits0References1
Snyk
Snyk
added 2025/07/26 4:57 a.m.3 views

Insufficiently Protected Credentials

Overview org.opencastproject:opencast-ingest-service-impl is a free and open source solution for automated video capture and distribution at scale. Affected versions of this package are vulnerable to Insufficiently Protected Credentials via the process of fetching MediaPackage elements included i...

7.1CVSS6AI score0.00353EPSS
Exploits0References2
NVD
NVD
added 2025/07/26 4:16 a.m.6 views

CVE-2025-54380

Opencast is a free, open-source platform to support the management of educational audio and video content. Prior to version 17.6, Opencast would incorrectly send the hashed global system account credentials ie: org.opencastproject.security.digest.user and org.opencastproject.security.digest.pass...

6.5CVSS0.00353EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/07/26 3:28 a.m.9 views

CVE-2025-54380 Opencast still publishes global system account credentials

Opencast is a free, open-source platform to support the management of educational audio and video content. Prior to version 17.6, Opencast would incorrectly send the hashed global system account credentials ie: org.opencastproject.security.digest.user and org.opencastproject.security.digest.pass...

6.5CVSS0.00353EPSS
Exploits0References3
OSV
OSV
added 2025/07/26 3:28 a.m.7 views

CVE-2025-54380 Opencast still publishes global system account credentials

Opencast is a free, open-source platform to support the management of educational audio and video content. Prior to version 17.6, Opencast would incorrectly send the hashed global system account credentials ie: org.opencastproject.security.digest.user and org.opencastproject.security.digest.pass...

6.5CVSS6.4AI score0.00353EPSS
Exploits0References5
OSV
OSV
added 2025/07/25 8:13 p.m.2 views

GHSA-J63H-HMGW-X4J7 Opencast still publishes global system account credentials

Description Opencast prior to versions 17.6 would incorrectly send the hashed global system account credentials ie: org.opencastproject.security.digest.user and org.opencastproject.security.digest.pass when attempting to fetch mediapackage elements included in a mediapackage XML file. A previous...

6.5CVSS6.5AI score0.00353EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2025/07/25 8:13 p.m.6 views

Opencast still publishes global system account credentials

Description Opencast prior to versions 17.6 would incorrectly send the hashed global system account credentials ie: org.opencastproject.security.digest.user and org.opencastproject.security.digest.pass when attempting to fetch mediapackage elements included in a mediapackage XML file. A previous...

6.5CVSS6.5AI score0.00353EPSS
Exploits0References6Affected Software4
RedhatCVE
RedhatCVE
added 2025/05/22 4:40 p.m.8 views

CVE-2020-3998

VMware Horizon Client for Windows 5.x prior to 5.5.0 contains an information disclosure vulnerability. A malicious attacker with local privileges on the machine where Horizon Client for Windows is installed may be able to retrieve hashed credentials if the client crashes...

6.5CVSS6.3AI score0.01268EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 8:41 a.m.8 views

CVE-2019-5135

An exploitable timing discrepancy vulnerability exists in the authentication functionality of the Web-Based Management WBM web application on WAGO PFC100/200 controllers. The WBM application makes use of the PHP crypt function which can be exploited to disclose hashed user credentials. This affec...

5.3CVSS7AI score0.01022EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:38 a.m.8 views

CVE-2019-3649

Information Disclosure vulnerability in McAfee Advanced Threat Defense ATD prior to 4.8 allows remote authenticated attackers to gain access to hashed credentials via carefully constructed POST request extracting incorrectly recorded data from log files...

6.5CVSS6.7AI score0.00923EPSS
Exploits0References1
OSV
OSV
added 2025/05/13 12:0 a.m.10 views

ALSA-2025:7435 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: User Interface UI Misrepresentation of attachment URL CVE-2025-3523 thunderbird: Information Disclosure of /tmp directory listing CVE-2025-2830 thunderbird: Leak of hashed Window credentials via crafted...

6.4CVSS6.5AI score0.00295EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2025/05/07 12:59 p.m.5 views

thunderbird: Leak of hashed Window credentials via crafted attachment URL

A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird processes the X-Mozilla-External-Attachment-URL header to handle attachments which can be hosted externally. When an email is opened, Thunderbird accesses the specified URL to...

6.3CVSS6.6AI score0.00226EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/05/07 12:0 a.m.7 views

RHEL 8 : thunderbird (RHSA-2025:4654)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:4654 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: User Interface UI Misrepresentation of attachmen...

6.4CVSS7AI score0.00295EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/05/07 12:0 a.m.5 views

RHEL 8 : thunderbird (RHSA-2025:4617)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:4617 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: User Interface UI Misrepresentation of attachmen...

6.4CVSS7AI score0.00295EPSS
Exploits0References8
Rows per page
Query Builder