Lucene search
K

23 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-42760

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00648EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-42761

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.00785EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-42763

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00412EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-42756

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00328EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 4:10 a.m.12 views

CVE-2023-38997

A directory traversal vulnerability in the Captive Portal templates of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary system commands as root via a crafted ZIP archive...

7.2CVSS7.7AI score0.01138EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 4:10 a.m.12 views

CVE-2023-39003

OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 was discovered to contain insecure permissions in the directory /tmp...

7.5CVSS7.3AI score0.00648EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 2:21 a.m.9 views

CVE-2023-38999

A Cross-Site Request Forgery CSRF in the System Halt API /system/halt of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to cause a Denial of Service DoS via a crafted GET request...

6.5CVSS6.9AI score0.00328EPSS
Exploits1References1
NVD
NVD
added 2023/08/09 7:15 p.m.21 views

CVE-2023-39008

A command injection vulnerability in the component /api/cron/settings/setJob/ of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary system commands...

9.8CVSS9.8AI score0.02561EPSS
Exploits1References2
NVD
NVD
added 2023/08/09 7:15 p.m.24 views

CVE-2023-39005

Insecure permissions exist for configd.socket in OPNsense Community Edition before 23.7 and Business Edition before 23.4.2...

7.5CVSS7.6AI score0.00595EPSS
Exploits1References2
NVD
NVD
added 2023/08/09 7:15 p.m.21 views

CVE-2023-39004

Insecure permissions in the configuration directory /conf/ of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allow attackers to access sensitive information e.g., hashed root password which could lead to privilege escalation...

9.8CVSS9.3AI score0.00785EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2023/08/09 7:15 p.m.4 views

CVE-2023-39003

OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 was discovered to contain insecure permissions in the directory /tmp...

7.5CVSS7.1AI score0.00648EPSS
Exploits1References3
NVD
NVD
added 2023/08/09 7:15 p.m.25 views

CVE-2023-39002

A cross-site scripting XSS vulnerability in the act parameter of systemcertmanager.php in OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

6.1CVSS5.9AI score0.01162EPSS
Exploits1References2
NVD
NVD
added 2023/08/09 7:15 p.m.17 views

CVE-2023-39003

OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 was discovered to contain insecure permissions in the directory /tmp...

7.5CVSS7.6AI score0.00648EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/08/09 12:0 a.m.12 views

CVE-2023-39004

Insecure permissions in the configuration directory /conf/ of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allow attackers to access sensitive information e.g., hashed root password which could lead to privilege escalation...

6.6AI score0.00785EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/08/09 12:0 a.m.5 views

PT-2023-26723 · Opnsense · Opnsense Community Edition +1

Name of the Vulnerable Software and Affected Versions: OPNsense Community Edition versions prior to 23.7 OPNsense Business Edition versions prior to 23.4.2 Description: The issue is an open redirect in the Login page of OPNsense, allowing attackers to redirect a victim user to an arbitrary web si...

6.1CVSS6AI score0.0051EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2023/08/09 12:0 a.m.8 views

PT-2023-26728 · Opnsense · Opnsense Community Edition +1

Name of the Vulnerable Software and Affected Versions: OPNsense Community Edition versions prior to 23.7 OPNsense Business Edition versions prior to 23.4.2 Description: A cross-site scripting XSS issue exists in the act parameter of system certmanager.php, allowing attackers to execute arbitrary...

6.1CVSS6AI score0.01162EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2023/08/09 12:0 a.m.5 views

PT-2023-26733 · Opnsense · Opnsense Community Edition +1

Name of the Vulnerable Software and Affected Versions: OPNsense Community Edition versions prior to 23.7 OPNsense Business Edition versions prior to 23.4.2 Description: The issue allows for XSS via the openAction in the app/controllers/OPNsense/Cron/ItemController.php file, specifically in the...

9.6CVSS8.9AI score0.02315EPSS
Exploits1References8
Vulnrichment
Vulnrichment
added 2023/08/09 12:0 a.m.22 views

CVE-2023-39002

A cross-site scripting XSS vulnerability in the act parameter of systemcertmanager.php in OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.7AI score0.01162EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/08/09 12:0 a.m.13 views

CVE-2023-38999

A Cross-Site Request Forgery CSRF in the System Halt API /system/halt of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to cause a Denial of Service DoS via a crafted GET request...

6.9AI score0.00328EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/08/09 12:0 a.m.16 views

CVE-2023-39001

A command injection vulnerability in the component diagbackup.php of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary commands via a crafted backup configuration file...

8.1AI score0.02977EPSS
Exploits1References2
Rows per page
Query Builder