Lucene search
K

535 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.15 views

EUVD-2023-58464

Malicious code in bioql PyPI...

7.1CVSS6.4AI score0.00511EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-44650

Malicious code in bioql PyPI...

7.2CVSS7AI score0.00561EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-47648

Malicious code in bioql PyPI...

9.8CVSS6.5AI score0.00644EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-16192

Malicious code in bioql PyPI...

7.1CVSS6.9AI score0.00539EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-34814

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00609EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-6777

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00227EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-47089

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00481EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2025/07/28 5:55 a.m.124 views

Exploit for SQL Injection in Progress Moveit_Cloud

CVE-2023-34362: Vulnerability Defense Package This repository...

9.8CVSS10AI score0.99934EPSS
Exploits15
The Hacker News
The Hacker News
added 2025/06/27 7:43 a.m.14 views

MOVEit Transfer Faces Increased Threats as Scanning Surges and CVE Flaws Are Targeted

Threat intelligence firm GreyNoise is warning of a "notable surge" in scanning activity targeting Progress MOVEit Transfer systems starting May 27, 2025—suggesting that attackers may be preparing for another mass exploitation campaign or probing for unpatched systems. MOVEit Transfer is a popular...

9.8CVSS9.6AI score0.99934EPSS
Exploits15
Rapid7 Blog
Rapid7 Blog
added 2025/05/27 2:0 p.m.13 views

Retail Under Siege: What Recent Cyber Attacks Tell Us About Today’s Threat Landscape

When several major UK organizations, including well-known retail brands, found themselves caught in a cyber attack earlier this year, it made headlines. But this incident wasn’t the first, and it won’t be the last. It reflects a growing trend where attackers exploit third-party vendors to breach...

7.4AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2025/05/27 2:0 p.m.5 views

Retail Under Siege: What Recent Cyber Attacks Tell Us About Today’s Threat Landscape

When several major UK organizations, including well-known retail brands, found themselves caught in a cyber attack earlier this year, it made headlines. But this incident wasn’t the first, and it won’t be the last. It reflects a growing trend where attackers exploit third-party vendors to breach...

6.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:58 a.m.13 views

CVE-2023-6217

In Progress MOVEit Transfer versions released before 2022.0.9 14.0.9, 2022.1.10 14.1.10, 2023.0.7 15.0.7, a reflected cross-site scripting XSS vulnerability has been identified when MOVEit Gateway is used in conjunction with MOVEit Transfer. An attacker could craft a malicious payload targeting t...

7.1CVSS5.7AI score0.00511EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:40 a.m.7 views

CVE-2023-30394

The MoveIt framework 1.1.11 for ROS allows cross-site scripting XSS via the API authentication function. NOTE: this issue is disputed by the original reporter because it has "no impact."...

6.1CVSS6.1AI score0.00609EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:28 a.m.9 views

CVE-2023-36934

In Progress MOVEit Transfer before 2020.1.11 12.1.11, 2021.0.9 13.0.9, 2021.1.7 13.1.7, 2022.0.7 14.0.7, 2022.1.8 14.1.8, and 2023.0.4 15.0.4, a SQL injection vulnerability has been identified in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized...

9.1CVSS7.9AI score0.94836EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:23 a.m.7 views

CVE-2023-34362

In Progress MOVEit Transfer before 2021.0.6 13.0.6, 2021.1.4 13.1.4, 2022.0.4 14.0.4, 2022.1.5 14.1.5, and 2023.0.1 15.0.1, a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database...

9.8CVSS7.9AI score0.99934EPSS
Exploits15References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:4 a.m.11 views

CVE-2023-6218

In Progress MOVEit Transfer versions released before 2022.0.9 14.0.9, 2022.1.10 14.1.10, 2023.0.7 15.0.7, a privilege escalation path associated with group administrators has been identified. It is possible for a group administrator to elevate a group members permissions to the role of an...

7.2CVSS7.2AI score0.00696EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:53 p.m.5 views

CVE-2021-37614

In certain Progress MOVEit Transfer versions before 2021.0.3 aka 13.0.3, SQL injection in the MOVEit Transfer web application could allow an authenticated remote attacker to gain access to the database. Depending on the database engine being used MySQL, Microsoft SQL Server, or Azure SQL, an...

8.8CVSS7.3AI score0.01496EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:49 p.m.8 views

CVE-2021-33894

In Progress MOVEit Transfer before 2019.0.6 11.0.6, 2019.1.x before 2019.1.5 11.1.5, 2019.2.x before 2019.2.2 11.2.2, 2020.x before 2020.0.5 12.0.5, 2020.1.x before 2020.1.4 12.1.4, and 2021.x before 2021.0.1 13.0.1, a SQL injection vulnerability exists in SILUtility.vb in MOVEit.DMZ.WebApp in th...

8.8CVSS7.5AI score0.01095EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:40 p.m.16 views

CVE-2021-38159

In certain Progress MOVEit Transfer versions before 2021.0.4 aka 13.0.4, SQL injection in the MOVEit Transfer web application could allow an unauthenticated remote attacker to gain access to the database. Depending on the database engine being used MySQL, Microsoft SQL Server, or Azure SQL, an...

9.8CVSS8.1AI score0.01891EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:50 p.m.9 views

CVE-2020-12677

An issue was discovered in Progress MOVEit Automation Web Admin. A Web Admin application endpoint failed to adequately sanitize malicious input, which could allow an unauthenticated attacker to execute arbitrary code in a victim's browser, aka XSS. This affects 2018 - 2018.0 prior to 2018.0.3, 20...

6.1CVSS7.8AI score0.01861EPSS
Exploits0
Rows per page
Query Builder