Lucene search
+L

71 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.10 views

EUVD-2014-4897

Malware in sbrugna...

9.8CVSS9.2AI score0.04571EPSS
Exploits0References5
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-22953

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.05296EPSS
Exploits2References2
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2021-29342

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01508EPSS
Exploits0References3
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-29341

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.007EPSS
Exploits0References3
packetstormnews
packetstormnews
added 2025/08/04 12:0 a.m.5 views

LPAR2RRD Remote Code Execution

This repository contains a proof of concept exploit for CVE-2025-54769, a vulnerability found in lpar2rrd. The vulnerability allows remote code execution and directory traversal by abusing the /lpar2rrd-cgi/upgrade.sh endpoint...

8.8CVSS7.9AI score0.03038EPSS
Exploits4
exploitdb
exploitdb
added 2025/08/03 12:0 a.m.477 views

LPAR2RRD 8.04 - Remote Code Execution (RCE)

/ Author : Byte Reaper Title : LPAR2RRD 8.04 - Remote Code Execution RCE CVE : CVE-2025-54769 Vulnerability: RCE && directory traversal Description : Uploads a malicious Perl script via the LPAR2RRD upgrade endpoint, exploits directory traversal to place it in a CGI-executable path, then triggers...

8.8CVSS6.5AI score0.03038EPSS
Exploits4
redhatcve
redhatcve
added 2025/07/30 11:40 p.m.12 views

CVE-2025-54767

An authenticated, read-only user can kill any processes running on the Xormon Original virtual appliance as the lpar2rrd user...

6.5CVSS7.2AI score0.05296EPSS
Exploits2References1
osv
osv
added 2025/07/29 12:15 a.m.3 views

CVE-2025-54767

An authenticated, read-only user can kill any processes running on the Xormon Original virtual appliance as the lpar2rrd user...

6.5CVSS5.8AI score0.05296EPSS
Exploits2References3
nvd
nvd
added 2025/07/29 12:15 a.m.11 views

CVE-2025-54767

An authenticated, read-only user can kill any processes running on the Xormon Original virtual appliance as the lpar2rrd user...

6.5CVSS0.05296EPSS
Exploits2References3
cnnvd
cnnvd
added 2025/07/29 12:0 a.m.5 views

XORUX LPAR2RRD 安全漏洞

XORUX LPAR2RRD is a server performance monitoring platform from the Czech company XORUX. A security vulnerability exists in XORUX LPAR2RRD that stems from a combination of directory traversal and file upload functionality that could lead to remote code execution...

8.8CVSS7.6AI score0.03038EPSS
Exploits4References3
cnnvd
cnnvd
added 2025/07/29 12:0 a.m.5 views

XORUX LPAR2RRD 安全漏洞

XORUX LPAR2RRD is a server performance monitoring platform from the Czech company XORUX. A security vulnerability exists in XORUX LPAR2RRD that stems from improper privilege management and could lead to process termination...

6.5CVSS6.5AI score0.05296EPSS
Exploits2References2
cnnvd
cnnvd
added 2025/07/29 12:0 a.m.5 views

XORUX LPAR2RRD 安全漏洞

XORUX LPAR2RRD is a server performance monitoring platform from the Czech company XORUX. A security vulnerability exists in XORUX LPAR2RRD that stems from improper access control of API endpoints, which could lead to the disclosure of sensitive information...

5.3CVSS6.2AI score0.03976EPSS
Exploits2References2
packetstorm
packetstorm
added 2025/07/29 12:0 a.m.114 views

📄 Xorux LPAR2RRD 8.04 File Upload / Directory Traversal

Xorux LPAR2RRD versions 8.04 and below allow an authenticated, read-only user to upload a file and perform a directory traversal to have the uploaded file placed in a location of their choosing. This can be used to overwrite existing PERL modules within the application to achieve remote code...

8.8CVSS9.7AI score0.03038EPSS
Exploits4
packetstorm
packetstorm
added 2025/07/29 12:0 a.m.128 views

📄 Xorux LPAR2RRD 8.04 Denial of Service

Xorux LPAR2RRD versions 8.04 and below have an issue where an authenticated, read-only user can kill any processes running on the Xormon Original virtual appliance as the lpar2rrd user. KL-001-2025-014: Xorux LPAR2RRD Read Only User Denial of Service Title: Xorux LPAR2RRD Read Only User Denial of...

6.5CVSS6.5AI score0.05296EPSS
Exploits2
packetstorm
packetstorm
added 2025/07/29 12:0 a.m.102 views

📄 Xorux LPAR2RRD 8.04 Information Disclosure

Xorux LPAR2RRD versions 8.04 and below have an API endpoint that should be limited to web application administrators. It is hidden from, but accessible by, lower-level read only web application users. The endpoint can be used to download logs from the appliance configuration, exposing sensitive...

5.3CVSS6.2AI score0.03976EPSS
Exploits2
vulnrichment
vulnrichment
added 2025/07/28 11:34 p.m.3 views

CVE-2025-54769 KL-001-2025-016: Xorux LPAR2RRD File Upload Directory Traversal

An authenticated, read-only user can upload a file and perform a directory traversal to have the uploaded file placed in a location of their choosing. This can be used to overwrite existing PERL modules within the application to achieve remote code execution RCE by an attacker...

7.5AI score0.03038EPSS
Exploits4References2
cvelist
cvelist
added 2025/07/28 11:34 p.m.16 views

CVE-2025-54769 KL-001-2025-016: Xorux LPAR2RRD File Upload Directory Traversal

An authenticated, read-only user can upload a file and perform a directory traversal to have the uploaded file placed in a location of their choosing. This can be used to overwrite existing PERL modules within the application to achieve remote code execution RCE by an attacker...

0.03038EPSS
Exploits4References2
vulnrichment
vulnrichment
added 2025/07/28 11:31 p.m.8 views

CVE-2025-54768 KL-001-2025-015: Xorux LPAR2RRD Read Only User Log Download Exposing Sensitive Information

An API endpoint that should be limited to web application administrators is hidden from, but accessible by, lower-level read only web application users. The endpoint can be used to download logs from the appliance configuration, exposing sensitive information...

6.4AI score0.03976EPSS
Exploits2References2
cvelist
cvelist
added 2025/07/28 11:31 p.m.38 views

CVE-2025-54768 KL-001-2025-015: Xorux LPAR2RRD Read Only User Log Download Exposing Sensitive Information

An API endpoint that should be limited to web application administrators is hidden from, but accessible by, lower-level read only web application users. The endpoint can be used to download logs from the appliance configuration, exposing sensitive information...

0.03976EPSS
Exploits2References2
vulnrichment
vulnrichment
added 2025/07/28 11:28 p.m.3 views

CVE-2025-54767 KL-001-2025-014: Xorux LPAR2RRD Read Only User Denial of Service

An authenticated, read-only user can kill any processes running on the Xormon Original virtual appliance as the lpar2rrd user...

6.6AI score0.05296EPSS
Exploits2References2
Rows per page
Query Builder