Lucene search
K

122 matches found

Positive Technologies
Positive Technologies
added 2025/11/25 12:0 a.m.6 views

PT-2025-48043

Name of the Vulnerable Software and Affected Versions Grype versions 0.68.0 through 0.104.0 Description Grype, a vulnerability scanner for container images and filesystems, contains a flaw where registry credentials can be improperly included in the output of a scan. This occurs when registry...

8.2CVSS6.7AI score0.0013EPSS
Exploits0References16
AstraLinux
AstraLinux
added 2025/10/14 6:5 p.m.2 views

Astra Linux - уязвимость в tomcat9

The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or...

7.5CVSS6.8AI score0.02505EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-24268

Malware in sbrugna...

5.4CVSS6.4AI score0.00339EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-30582

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00621EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-0546

Malicious code in bioql PyPI...

7.5CVSS7.9AI score0.02505EPSS
Exploits0References8
GithubExploit
GithubExploit
added 2025/08/21 9:20 p.m.266 views

Exploit for CVE-2025-8671

PoC-CVE-2025-8671-MadeYouReset-HTTP-2 PoC para validar vulnera...

7.5CVSS7.2AI score0.04604EPSS
Exploits3
GithubExploit
GithubExploit
added 2025/06/15 12:42 p.m.244 views

Exploit for Missing Authentication for Critical Function in Erlang Erlang\/Otp

VIETNAMESE - Cách sử dụng - Quét một IP: python3...

10CVSS8.3AI score0.97673EPSS
Exploits36
RedhatCVE
RedhatCVE
added 2025/05/22 5:9 p.m.5 views

CVE-2020-36827

The XAO::Web module before 1.84 for Perl mishandles characters in JSON output during use of json-embed in Web::Action...

5.4CVSS6.9AI score0.00339EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/04/21 12:0 a.m.5 views

Fedora 40 : rpki-client (2025-d5fdbedb7f)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-d5fdbedb7f advisory. rpki-client 9.5 - rpki-client now includes arin.tal which is no longer legally encumbered. See https://www.arin.net/announcements/20250116-tal/ - rpki-client...

5.7AI score
Exploits0References1
SUSE Linux
SUSE Linux
added 2025/02/26 7:26 a.m.3 views

Recommended update for Maven

This update for Maven fixes the following issues: maven-dependency-analyzer was updated from version 1.13.2 to 1.15.1: Key changes across versions: Bug fixes and improved support of dynamic types Dependency upgrades ASM, Maven core, and notably the removal of commons-io Improved error handling by...

8.8CVSS8.4AI score0.22709EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2024/08/05 9:18 p.m.17 views

Editor.js vulnerable to Code Injection

Editor.js is a block-style editor with clean JSON output. Versions prior to 2.26.0 are vulnerable to Code Injection via pasted input. The processHTML method passes pasted input into wrapper’s innerHTML. This issue is patched in version 2.26.0...

6.1CVSS7AI score0.00533EPSS
Exploits1References6Affected Software1
OpenVAS
OpenVAS
added 2024/07/28 12:0 a.m.19 views

openSUSE Security Advisory (openSUSE-SU-2024:0227-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6CVSS6.9AI score0.00358EPSS
Exploits0References4
OSV
OSV
added 2024/07/27 4:1 a.m.17 views

OPENSUSE-SU-2024:0227-1 Security update for gh

This update for gh fixes the following issues: Update to version 2.53.0: CVE-2024-6104: gh: hashicorp/go-retryablehttp: url might write sensitive information to log file boo1227035 Disable TestGetTrustedRoot/successfullyverifiesTUFroot test due to https://github.com/cli/cli/issues/8928 Rename...

6CVSS6.6AI score0.00358EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.42 views

RHEL 7 : tomcat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - tomcat: Information Disclosure when using VirtualDirContext CVE-2017-12616 - tomcat: HTTP request smuggli...

8AI score0.71653EPSS
Exploits26References10
OSV
OSV
added 2024/04/10 5:15 p.m.8 views

GHSA-J5VM-7QCC-2WWG Kopia: Storage connection credentials written to console on "repository status" CLI command with JSON output

Impact What kind of vulnerability is it? Who is impacted? Storage credentials are written to the console. Patches Has the problem been patched? Yes, see 3589 What versions should users upgrade to? - Any version after or including commit 1d6f852cd6534f4bea978cbdc85c583803d79f77 - No release has be...

2CVSS5.8AI score
Exploits0References4
NVD
NVD
added 2024/03/24 1:15 a.m.13 views

CVE-2020-36827

The XAO::Web module before 1.84 for Perl mishandles characters in JSON output during use of json-embed in Web::Action...

5.4CVSS6.5AI score0.00339EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/03/24 12:0 a.m.17 views

CVE-2020-36827

The XAO::Web module before 1.84 for Perl mishandles characters in JSON output during use of json-embed in Web::Action...

6.5AI score0.00339EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/03/24 12:0 a.m.8 views

CVE-2020-36827

The XAO::Web module before 1.84 for Perl mishandles characters in JSON output during use of json-embed in Web::Action...

6.9AI score0.00339EPSS
Exploits0References2
OSV
OSV
added 2024/03/06 11:9 a.m.38 views

BIT-TOMCAT-2022-45143 Apache Tomcat: JsonErrorReportValve escaping

The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0 to 10.1.1 did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or...

7.5CVSS6.9AI score0.02505EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/31 3:9 p.m.42 views

Security Bulletin: IBM Rational Build Forge 8.0.0.24 addresses multiple vulnerabilities by updating Apache Tomcat Server

Summary Security Bulletin: IBM Rational Build Forge 8.0.0.24 addresses multiple vulnerabilities by updating Apache Tomcat Server Vulnerability Details CVEID:CVE-2023-28708 DESCRIPTION: Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the missing of secure...

7.5CVSS8.4AI score0.51547EPSS
Exploits1Affected Software1
Rows per page
Query Builder