128 matches found

EUVD
added 2025/10/07 12:30 a.m., 7 views

EUVD-2021-24846

Malware in sbrugna...

CVSS 6.9, AI score 6.5, EPSS 0.0022
Exploits: 0, References: 2

EUVD
added 2025/10/07 12:30 a.m., 10 views

EUVD-2017-6286

Malware in sbrugna...

CVSS 7.9, AI score 7.6, EPSS 0.00422
Exploits: 0, References: 2

EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2019-9605

Malware in sbrugna...

CVSS 8.5, AI score 8.5, EPSS 0.15115
Exploits: 2, References: 6

EUVD
added 2025/10/07 12:30 a.m., 6 views

EUVD-2016-3437

Malware in sbrugna...

CVSS 7.8, AI score 7.9, EPSS 0.00473
Exploits: 1, References: 3

EUVD
added 2025/10/07 12:30 a.m., 6 views

EUVD-2007-4681

Malware in sbrugna...

CVSS 7.5, AI score 6.4, EPSS 0.01759
Exploits: 1, References: 9

EUVD
added 2025/10/03 8:7 p.m., 5 views

EUVD-2022-6167

Malicious code in bioql PyPI...

CVSS 7.5, AI score 7.5, EPSS 0.01957
Exploits: 1, References: 9

EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2024-49011

Malicious code in bioql PyPI...

CVSS 4.3, AI score 6.5, EPSS 0.00401
Exploits: 0, References: 3

EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2023-51896

Malicious code in bioql PyPI...

CVSS 4.7, AI score 5.2, EPSS 0.00439
Exploits: 0, References: 1

EUVD
added 2025/10/03 8:7 p.m., 6 views

EUVD-2022-34666

Malicious code in bioql PyPI...

CVSS 6.5, AI score 6.5, EPSS 0.00457
Exploits: 0, References: 4

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2025-3162

Malicious code in bioql PyPI...

CVSS 7.3, AI score 6.4, EPSS 0.0014
Exploits: 0, References: 2

EUVD
added 2025/10/03 8:7 p.m., 6 views

EUVD-2024-50958

Malicious code in bioql PyPI...

CVSS 5.3, AI score 8.7, EPSS 0.00385
Exploits: 0, References: 3

Tenable Nessus
added 2025/09/10 12:0 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2021-40327

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Trusted Firmware-M TF-M 1.4.0, when Profile Small is used, has incorrect access control. NSPE can access a secure key held by the Crypto service based solely on...

CVSS 5.9, AI score 6.3, EPSS 0.01194
Exploits: 0, References: 2

CNVD
added 2025/09/04 12:0 a.m., 3 views

TOTOLINK A702R /boafrm/formOneKeyAccessButton File Buffer Overflow Vulnerability

TOTOLINK A702R is a wireless router device manufactured by China's Gion Electronics TOTOLINK, mainly used for home network connection and signal coverage. The TOTOLINK A702R suffers from a buffer overflow vulnerability that originates from the parameter submit-url in file...

CVSS 9, AI score 9.1, EPSS 0.00598
Exploits: 0, References: 1

Tenable Nessus
added 2025/09/02 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2023-41053

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Redis is an in-memory database that persists on disk. Redis does not correctly identify keys accessed by SORT_RO and as a result may grant users executing this...

CVSS 3.3, AI score 6.6, EPSS 0.0034
Exploits: 0, References: 2

OSV
added 2025/09/01 2:15 p.m., 3 views

CVE-2025-9782

A vulnerability was found in TOTOLINK A702R 4.0.0-B20211108.1423. This vulnerability affects the function sub4466F8 of the file /boafrm/formOneKeyAccessButton. Performing manipulation of the argument submit-url results in buffer overflow. The attack may be initiated remotely. The exploit has been...

CVSS 8.7, AI score 6.3
Exploits: 0, References: 6

NVD
added 2025/09/01 2:15 p.m., 4 views

CVE-2025-9782

A vulnerability was found in TOTOLINK A702R 4.0.0-B20211108.1423. This vulnerability affects the function sub4466F8 of the file /boafrm/formOneKeyAccessButton. Performing manipulation of the argument submit-url results in buffer overflow. The attack may be initiated remotely. The exploit has been...

CVSS 9, EPSS 0.00598
Exploits: 0, References: 6

Vulnrichment
added 2025/08/27 10:25 a.m., 3 views

CVE-2025-30064 Possibility to generate a session for any user via the "ex:action" parameter after obtaining access to the JWT key

An insufficiently secured internal function allows session generation for arbitrary users. The decodeParam function checks the JWT but does not verify which signing algorithm was used. As a result, an attacker can use the "ex:action" parameter in the VerifyUserByThrustedService function to genera...

CVSS 8.8, AI score 7.2, EPSS 0.00077
Exploits: 0, References: 1

OSV
added 2025/07/25 8:15 a.m., 6 views

CVE-2025-8138

A vulnerability was found in TOTOLINK A702R 4.0.0-B20230721.1521 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formOneKeyAccessButton of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer...

CVSS 8.7, AI score 6.3, EPSS 0.07098
Exploits: 1, References: 5

GitHub Security Blog
added 2025/06/13 9:30 a.m., 10 views

Salt's on demand pillar functionality vulnerable to arbitrary command injections

An attacker with access to a minion key can exploit the 'on demand' pillar functionality with a specially crafted git url which could cause an arbitrary command to be run on the master with the same privileges as the master process...

CVSS 6.7, AI score 6.6, EPSS 0.00157
Exploits: 0, References: 5, Affected Software: 1

OSV
added 2025/06/13 9:30 a.m., 4 views

GHSA-4J59-VV55-Q6H3 Salt's salt.auth.pki module does not properly authenticate callers

The salt.auth.pki module does not properly authenticate callers. The "password" field contains a public certificate which is validated against a CA certificate by the module. This is not pki authentication, as the caller does not need access to the corresponding private key for the authentication...

CVSS 6.4, AI score 7.3, EPSS 0.00129
Exploits: 0, References: 6