Lucene search

5614 matches found

Snyk
added 2025/09/19 3:41 a.m. | 3 views

Incorrect Authorization

Overview: edu.internet2.middleware.grouper:grouper is an Internet2 Groups Management Toolkit. Affected versions of this package are vulnerable to Incorrect Authorization via improper job scheduling in the loader jobs configuration process. A group administrator who is not a member of the Grouper...

8.4 CVSS | 7 AI score | 0.00248 EPSS
Exploits: 0 | References: 2
OSV
added 2025/09/19 3:15 a.m. | 2 views

CVE-2025-59714

In Internet2 Grouper 5.17.1 before 5.20.5, group admins who are not Grouper sysadmins can configure loader jobs...

4.9 CVSS | 5.8 AI score | 0.00248 EPSS
Exploits: 0 | References: 1
NVD
added 2025/09/19 3:15 a.m. | 5 views

CVE-2025-59714

In Internet2 Grouper 5.17.1 before 5.20.5, group admins who are not Grouper sysadmins can configure loader jobs...

6.5 CVSS | 0.00248 EPSS
Exploits: 0 | References: 1
Vulnrichment
added 2025/09/19 12:0 a.m. | 3 views

CVE-2025-59714

In Internet2 Grouper 5.17.1 before 5.20.5, group admins who are not Grouper sysadmins can configure loader jobs...

6.5 CVSS | 6.5 AI score | 0.00248 EPSS
Exploits: 0 | References: 1
Cvelist
added 2025/09/19 12:0 a.m. | 22 views

CVE-2025-59714

In Internet2 Grouper 5.17.1 before 5.20.5, group admins who are not Grouper sysadmins can configure loader jobs...

6.5 CVSS | 0.00248 EPSS
Exploits: 0 | References: 1
CVE
added 2025/09/19 12:0 a.m. | 22 views

CVE-2025-59714

The CVE-2025-59714 entry concerns Internet2 Grouper. Affected: Grouper versions 5.17.1 up to 5.20.4 (before 5.20.5). Issue: group admins who are not Grouper sysadmins can configure loader jobs, enabling potential unauthorized loader job creation. Root cause: mis-validation/configuration of loader...

6.5 CVSS | 6.5 AI score | 0.00248 EPSS
Exploits: 0 | References: 1 | Affected Software: 1
Positive Technologies
added 2025/09/19 12:0 a.m. | 7 views

PT-2025-38504

Name of the Vulnerable Software and Affected Versions: Internet2 Grouper versions 5.17.1 through 5.20.4. Description: Group administrators who are not also Grouper system administrators can configure loader jobs. Recommendations: Update to a version prior to 5.17.1 or after 5.20.5...

6.5 CVSS | 6.6 AI score | 0.00248 EPSS
Exploits: 0 | References: 4
CNNVD
added 2025/09/19 12:0 a.m. | 3 views

Grouper Security Vulnerability

Grouper is an Internet2 open source enterprise access management system designed for highly distributed administrative environments and heterogeneous information technology environments common to colleges and universities. A security vulnerability exists in Grouper versions 5.17.1 through prior t...

6.5 CVSS | 6.3 AI score | 0.00248 EPSS
Exploits: 0 | References: 2
Tenable Nessus
added 2025/09/18 12:0 a.m. | 4 views

RHEL 10 : grub2 (RHSA-2025:16154)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:16154 advisory. The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB), a highly configurable and customizable boot loader with modula...

6.7 CVSS | 6.5 AI score | 0.00318 EPSS
Exploits: 0 | References: 15
OSSF Malicious Packages
added 2025/09/16 4:10 a.m. | 4 views

Malicious code in @teselagen/bounce-loader (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f2f86497a8f8ebd289f9296f0d154c87fd2429bdf4fc8de97c6b1684ed3b9aaa Any computer that has this package installed or running should be considered fully compromised. All...

7.1 AI score
Exploits: 0 | References: 6
OSV
added 2025/09/16 4:10 a.m. | 3 views

MAL-2025-47272 Malicious code in @teselagen/bounce-loader (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f2f86497a8f8ebd289f9296f0d154c87fd2429bdf4fc8de97c6b1684ed3b9aaa Any computer that has this package installed or running should be considered fully compromised. All...

7.1 AI score
Exploits: 0 | References: 6
RedHat Linux
added 2025/09/15 3:4 p.m. | 6 views

commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...

8.8 CVSS | 7.6 AI score | 0.01495 EPSS
Exploits: 1 | References: 8
RedHat Linux
added 2025/09/15 2:44 p.m. | 9 views

commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...

8.8 CVSS | 7.6 AI score | 0.01495 EPSS
Exploits: 1 | References: 8
vulnersOsv
added 2025/09/15 7:39 a.m. | 7 views

@teselagen/ove (>=0.0.18 <=0.7.27), @teselagen/ui (>=0.0.23 <=0.7.27) +3 more potentially affected by unknown CVE via @teselagen/bounce-loader (>=0.0.12 <=0.3.11)

@teselagen/bounce-loader NPM version =0.0.12, =0.0.18, =0.0.23, =15.0.0, =17.0.12 - ove-electron =1.2.8 - teselagen-react-components =30.15.8 Source cves: unknown CVE Source advisory: SNYK:JS-TESELAGENBOUNCELOADER-12744519...

5.8 AI score
Exploits: 0
Snyk
added 2025/09/15 7:39 a.m. | 3 views

Embedded Malicious Code

Overview: Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...

9.8 CVSS | 7 AI score
Exploits: 0 | References: 2
Gitee
added 2025/09/14 6:58 p.m. | 84 views

Exploit for CVE-2016-2610

This is a PoC exploit for CVE-2016-2610, a vulnerability in the PlayStation 4's kernel. The exploit targets the 4.55 firmware version and allows for arbitrary code execution as kernel. The exploit includes a loader that listens for payloads on port 9020 and executes them upon reception. The loade...

8.1 AI score
Exploits: 1
Gitee
added 2025/09/14 6:19 p.m. | 167 views

PS4-4.05-Kernel-Exploit

This repository contains a fully implemented kernel exploit for the PlayStation 4 on firmware version 4.05. The exploit, known as "namedobj," allows for arbitrary code execution as kernel, enabling jailbreaking and kernel-level modifications to the system. It includes a loader that listens for...

8 AI score
Exploits: 0
Gitee
added 2025/09/14 6:16 p.m. | 110 views

airbug

This repository is an offensive tool for collecting and utilizing web application vulnerabilities, specifically targeting Content Management Systems (CMS). It is a Python-based tool that allows users to load and execute Proof of Concept (PoC) code for various vulnerabilities. The tool is designed to ...

7.2 AI score
Exploits: 0
Tenable Nessus
added 2025/09/14 12:0 a.m. | 10 views

Linux Distros Unpatched Vulnerability : CVE-2025-39787

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - soc: qcom: mdt_loader: Ensure we don't read past the ELF header When the MDT loader is used in remoteproc, the ELF header is sanitized beforehand, but that's not...

5.5 CVSS | 6.5 AI score | 0.00148 EPSS
Exploits: 0 | References: 3
Microsoft CVE
added 2025/09/13 8:3 a.m. | 7 views

soc: qcom: mdt_loader: Ensure we don't read past the ELF header

...

5.5 CVSS | 6.8 AI score | 0.00148 EPSS
Exploits: 0