12995 matches found
EUVD-2025-6117
Malicious code in bioql PyPI...
EUVD-2024-50528
Malicious code in bioql PyPI...
EUVD-2025-29021
Malicious code in bioql PyPI...
EUVD-2024-24376
Malicious code in bioql PyPI...
EUVD-2024-44468
Malicious code in bioql PyPI...
libndp bug fix and enhancement update
An update is available for libndp. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 10.0...
mod_proxy_cluster bug fix and enhancement update
An update is available for modproxycluster. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
rsync bug fix and enhancement update
An update is available for rsync. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 10...
libxml2 bug fix and enhancement update
An update is available for libxml2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 10...
Tucows (VDP): CSRF allowing unauthorized modification of user Notes on ███████
A CSRF vulnerability was discovered that allowed unauthorized modification of user notes. The vulnerability was present in the endpoint that handled saving the notes. The endpoint did not implement proper CSRF protection, allowing an attacker to craft a malicious link that could be used to modify...
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-32250. Reason: This candidate is a duplicate of CVE-2022-32250. Notes: All CVE users should reference CVE-2022-32250 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
...
CVE-2025-56392
An Insecure Direct Object Reference IDOR in the /dashboard/notes endpoint of Syaqui Collegetivity v1.0.0 allows attackers to impersonate other users and perform arbitrary operations via a crafted POST request...
CVE-2025-56392
An Insecure Direct Object Reference IDOR in the /dashboard/notes endpoint of Syaqui Collegetivity v1.0.0 allows attackers to impersonate other users and perform arbitrary operations via a crafted POST request...
CVE-2025-56392
An Insecure Direct Object Reference IDOR in the /dashboard/notes endpoint of Syaqui Collegetivity v1.0.0 allows attackers to impersonate other users and perform arbitrary operations via a crafted POST request...
Collegetivity 安全漏洞
Collegetivity is a university student activity system by the individual developer Syauqizaidan Khairan Khalaf. A security vulnerability exists in Collegetivity version 1.0.0, which stems from the presence of an insecure direct object reference in the /dashboard/notes endpoint, which could allow a...
CVE-2025-56392
Summary: CVE-2025-56392 affects Syaqui Collegetivity v1.0.0 and is caused by an insecure direct object reference in the /dashboard/notes API endpoint. An attacker can impersonate other users and perform arbitrary operations by sending a crafted POST request. Affected software/component: Syaqui Co...
PT-2025-40024
Name of the Vulnerable Software and Affected Versions Syaqui Collegetivity version 1.0.0 Description An Insecure Direct Object Reference IDOR exists in the /dashboard/notes API endpoint. This allows attackers to impersonate other users and perform unauthorized actions by sending a specially craft...
CVE-2025-56392
An Insecure Direct Object Reference IDOR in the /dashboard/notes endpoint of Syaqui Collegetivity v1.0.0 allows attackers to impersonate other users and perform arbitrary operations via a crafted POST request...
CVE-2025-56392
An Insecure Direct Object Reference IDOR in the /dashboard/notes endpoint of Syaqui Collegetivity v1.0.0 allows attackers to impersonate other users and perform arbitrary operations via a crafted POST request...
Exploit for OS Command Injection in Dell Unity_Operating_Environment
watchTowr-vs-Dell-UnityVSA-CVE-2025-36604 Detection Artifact...