Lucene search
K

130 matches found

Tenable Nessus
Tenable Nessus
added 2025/07/28 12:0 a.m.5 views

Lighthouse Studio < 9.16.14 Remote Code Execution

Lighthouse Studio version 9.16.3 and earlier is vulnerable to a remote code execution through the ciwweb.pl Perl web application. This vulnerability allows an attacker to execute arbitrary code on the server by sending a specially crafted request to the ciwweb.pl script. No source data...

10CVSS8.7AI score0.4942EPSS
Exploits4References2
RedhatCVE
RedhatCVE
added 2025/07/18 1:58 p.m.5 views

CVE-2025-34300

A template injection vulnerability exists in Sawtooth Software’s Lighthouse Studio versions prior to 9.16.14 via the ciwweb.pl http://ciwweb.pl/ Perl web application. Exploitation allows an unauthenticated attacker can execute arbitrary commands...

10CVSS8.1AI score0.4942EPSS
Exploits4References1
NVD
NVD
added 2025/07/16 1:15 p.m.7 views

CVE-2025-34300

A template injection vulnerability exists in Sawtooth Software’s Lighthouse Studio versions prior to 9.16.14 via the ciwweb.pl http://ciwweb.pl/ Perl web application. Exploitation allows an unauthenticated attacker can execute arbitrary commands...

10CVSS0.4942EPSS
Exploits4References3
Vulnrichment
Vulnrichment
added 2025/07/16 12:57 p.m.4 views

CVE-2025-34300 Sawtooth Software Lighthouse Studio < 9.16.14 Pre-Authentication RCE

A template injection vulnerability exists in Sawtooth Software’s Lighthouse Studio versions prior to 9.16.14 via the ciwweb.pl http://ciwweb.pl/ Perl web application. Exploitation allows an unauthenticated attacker can execute arbitrary commands...

10CVSS7.2AI score0.4942EPSS
Exploits4References3
ATTACKERKB
ATTACKERKB
added 2025/07/16 12:57 p.m.5 views

CVE-2025-34300

A template injection vulnerability exists in Sawtooth Software’s Lighthouse Studio versions prior to 9.16.14 via the ciwweb.pl http://ciwweb.pl/ Perl web application. Exploitation allows an unauthenticated attacker can execute arbitrary commands...

10CVSS6.2AI score0.4942EPSS
Exploits4References7
EUVD
EUVD
added 2025/07/16 12:57 p.m.6 views

EUVD-2025-21694

A template injection vulnerability exists in Sawtooth Software’s Lighthouse Studio versions prior to 9.16.14 via the ciwweb.pl http://ciwweb.pl/ Perl web application. Exploitation allows an unauthenticated attacker can execute arbitrary commands...

10CVSS7.8AI score0.4942EPSS
Exploits4References2
Cvelist
Cvelist
added 2025/07/16 12:57 p.m.14 views

CVE-2025-34300 Sawtooth Software Lighthouse Studio < 9.16.14 Pre-Authentication RCE

A template injection vulnerability exists in Sawtooth Software’s Lighthouse Studio versions prior to 9.16.14 via the ciwweb.pl http://ciwweb.pl/ Perl web application. Exploitation allows an unauthenticated attacker can execute arbitrary commands...

10CVSS0.4942EPSS
Exploits4References3
CVE
CVE
added 2025/07/16 12:57 p.m.85 views

CVE-2025-34300

Sawtooth Software Lighthouse Studio

10CVSS7.3AI score0.4942EPSS
In wildExploits4References3
CNNVD
CNNVD
added 2025/07/16 12:0 a.m.4 views

Sawtooth Lighthouse Studio 安全漏洞

Sawtooth Lighthouse Studio is a federated analytics platform from Sawtooth USA. A security vulnerability exists in Sawtooth Lighthouse Studio versions prior to 9.16.14 that stems from template injection and could lead to the execution of arbitrary commands...

10CVSS7.2AI score0.4942EPSS
Exploits4References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/01/24 9:8 a.m.5 views

Malicious code in ig-lighthouse-security-audits (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 226acd90be6fefc4cd12da9d6b73604ee919205ed49e1e44f5d336b5576c3717 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
OSV
OSV
added 2025/01/24 9:8 a.m.2 views

MAL-2025-576 Malicious code in ig-lighthouse-to-influxdb (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 92e8d076b669d18ea59535f03270a27adbfc6b0717789403453fabeb522b988b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2025/01/24 9:8 a.m.5 views

MAL-2025-575 Malicious code in ig-lighthouse-security-audits (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 226acd90be6fefc4cd12da9d6b73604ee919205ed49e1e44f5d336b5576c3717 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/01/24 9:8 a.m.4 views

Malicious code in ig-lighthouse-to-influxdb (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 92e8d076b669d18ea59535f03270a27adbfc6b0717789403453fabeb522b988b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
Openbugbounty
Openbugbounty
added 2024/01/31 3:56 p.m.17 views

anaheimlighthouse.com Cross Site Scripting vulnerability OBB-3846806

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
vulnersOsv
vulnersOsv
added 2023/04/12 12:0 p.m.6 views

borsh-schema-writer (=0.1.0), borsh-serde-adapter (=0.1.0) +7 more potentially affected by unknown CVE via borsh (>=0.10.2 <=0.10.3)

borsh CARGO version =0.10.2, =0.4.2, =0.4.1, =0.4.3 - pchain-world-state =0.4.2 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2023-0033...

5.8AI score
Exploits0
Openbugbounty
Openbugbounty
added 2021/12/28 4:53 a.m.11 views

lighthouse-lc.de Cross Site Scripting vulnerability OBB-2312960

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/11/02 3:0 p.m.15 views

Protect your business with Microsoft Security’s comprehensive protection

Securing an organization has never been simple. But over the past year, we’ve seen significant changes in the threat landscape that are having a major impact on organizations of every size in every sector. The frequency and sophistication of cyber events have increased significantly. We see...

6.8AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2021/11/02 3:0 p.m.16 views

Protect your business with Microsoft Security’s comprehensive protection

Securing an organization has never been simple. But over the past year, we’ve seen significant changes in the threat landscape that are having a major impact on organizations of every size in every sector. The frequency and sophistication of cyber events have increased significantly. We see...

6.8AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/07/14 3:0 p.m.36 views

How Microsoft Security empowers partners to build customer trust

As I reflect on my first year at Microsoft, it was both challenging and exceptional: from my remote onboarding in the middle of a pandemic to dramatic changes in the cyber landscape, to Microsoft’s critical role as a frontline responder in some of the most sophisticated cyberattacks in history an...

7.2AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2021/07/14 3:0 p.m.36 views

How Microsoft Security empowers partners to build customer trust

As I reflect on my first year at Microsoft, it was both challenging and exceptional: from my remote onboarding in the middle of a pandemic to dramatic changes in the cyber landscape, to Microsoft’s critical role as a frontline responder in some of the most sophisticated cyberattacks in history an...

7.2AI score
Exploits0
Rows per page
Query Builder