Lucene search
K

163 matches found

Android Security Bulletins
Android Security Bulletins
added 2025/06/10 12:0 a.m.48 views

Android 16 Security Release NotesStay organized with collectionsSave and categorize content based on your preferences.

This Android Security Release Notes contains details of security vulnerabilities affecting Android devices which are addressed as part of Android 16. Android 16 devices with a security patch level of 2025-07-01 or later are protected against these issues Android 16, as released on AOSP, will have...

8.8CVSS8.2AI score0.00278EPSS
Exploits0
NVD
NVD
added 2025/05/21 10:15 p.m.15 views

CVE-2025-48070

Plane is open-source project management software. Versions prior to 0.23 have insecure permissions in UserSerializer that allows users to change fields that are meant to be read-only, such as email. This can lead to account takeover when chained with another vulnerability such as cross-site...

4.3CVSS0.00227EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/05/21 10:11 p.m.8 views

CVE-2025-48070 Plane has insecure permissions in UserSerializer

Plane is open-source project management software. Versions prior to 0.23 have insecure permissions in UserSerializer that allows users to change fields that are meant to be read-only, such as email. This can lead to account takeover when chained with another vulnerability such as cross-site...

3.5CVSS3.7AI score0.00227EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/05/10 12:0 a.m.6 views

Code-Projects Simple Banking System 安全漏洞

Code-Projects Simple Banking System is a simple banking system from Code-Projects open source. A security vulnerability exists in Code-Projects Simple Banking System version 1.0 and earlier, which originates from a buffer overflow due to a parameter password2 operation in the Sign In component...

7.8CVSS5.8AI score0.00304EPSS
Exploits1References6
Kitploit
Kitploit
added 2025/05/03 12:30 p.m.34 views

Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database

Automatically generates beautiful and easy-to-read ER diagrams from your database. Website • Documentation • Roadmap What's Liam ERD? Liam ERD generates beautiful, interactive ER diagrams from your database. Whether you're working on public or private repositories, Liam ERD helps you visualize...

7.2AI score
Exploits0References2
CNNVD
CNNVD
added 2025/04/15 12:0 a.m.6 views

PeerTube 安全漏洞

PeerTube is a decentralized video sharing service platform open-sourced by Chocobozzz. It is used to create video projects. PeerTube suffers from a security vulnerability that stems from a lack of permission validation, which could lead to the addition of playlists to other users' channels via th...

5.3CVSS6.5AI score0.00333EPSS
Exploits1References2
CNVD
CNVD
added 2025/04/08 12:0 a.m.8 views

Apache Seata Code Issue Vulnerability

Apache Seata is the United States Apache Apache Foundation of a microservices architecture in the United States to provide high-performance and easy to use distributed transaction services in the open source project . Apache Seata suffers from a code issue vulnerability that stems from...

9.8CVSS7.4AI score0.01088EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/04 12:0 a.m.6 views

Code-Projects Patient Record Management System 注入漏洞

Patient Record Management System is a medical record management system. Patient Record Management System suffers from a SQL injection vulnerability that originates from the validation of externally entered SQL statements that is missing from the parameter itrno in the birthingprint.php file. The...

7.5CVSS7AI score0.00404EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/03/23 12:0 a.m.7 views

SourceCodester Online Eyewear Shop 安全漏洞

SourceCodester Online Eyewear Shop is a SourceCodester open source online eyewear store website project developed using PHP and MySQL that provides an online shopping and ordering platform for the eyewear business and its potential customers. A security vulnerability exists in SourceCodester Onli...

6.9CVSS5.5AI score0.00631EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/03/20 12:0 a.m.7 views

Apache Seata 安全漏洞

Apache Seata is an open source project from the Apache Foundation that provides high-performance and easy-to-use distributed transaction services in a microservices architecture. A security vulnerability exists in Apache Seata version 2.2.0 and earlier, which stems from improper handling of highl...

4.3CVSS6.5AI score0.00567EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/03/20 12:0 a.m.6 views

编号撤回

PyTorch is a Python package in the PyTorch open source. This CVE number has been withdrawn...

5.4AI score
Exploits0References1
CNNVD
CNNVD
added 2025/03/11 12:0 a.m.12 views

libzvbi 输入验证错误漏洞

libzvbi is a VBI utility in the zapping-vbi open source. An input validation error vulnerability exists in libzvbi version 0.2.43 and earlier, which stems from an integer overflow and could lead to a remote attack...

7.5CVSS7.4AI score0.00562EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/03/06 12:0 a.m.4 views

Code-Projects Blood Bank Management System 注入漏洞

Code-Projects Blood Bank Management System is an open source blood bank management system from Code-Projects. An injection vulnerability exists in Code-Projects Blood Bank Management System version 1.0, which stems from an incorrect manipulation of the parameter requesterid that can lead to SQL...

8.8CVSS7.1AI score0.00463EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/03/06 12:0 a.m.3 views

E-Commerce-Website-Using-PHP 注入漏洞

E-Commerce-Website-Using-PHP is a free and open source full-featured e-commerce website project. An injection vulnerability exists in E-Commerce-Website-Using-PHP version 1.0, which stems from the fact that incorrect manipulation of the parameter pcat can lead to SQL injection...

9.8CVSS7AI score0.00478EPSS
Exploits1References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/03/03 6:0 p.m.3 views

Malicious code in calculated_members_message (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5529e99d26fab951551b850892343db8270230c71da1a8091e2bca79559e37f8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Android Security Bulletins
Android Security Bulletins
added 2025/03/03 12:0 a.m.33 views

Android Security Bulletin—March 2025Stay organized with collectionsSave and categorize content based on your preferences.

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2025-03-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Android partners are...

9.8CVSS9.4AI score0.00809EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 8:24 a.m.5 views

CVE-2024-47830

Plane is an open-source project management tool. Plane uses the wildcard support to retrieve the image from any hostname as in /web/next.config.js. This may permit an attacker to induce the server side into performing requests to unintended locations. This vulnerability is fixed in 0.23.0...

9.3CVSS9AI score0.00553EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/02/05 12:31 a.m.5 views

CVE-2024-31461

Plane, an open-source project management tool, has a Server-Side Request Forgery SSRF vulnerability in versions prior to 0.17-dev. This issue may allow an attacker to send arbitrary requests from the server hosting the application, potentially leading to unauthorized access to internal systems. T...

9.1CVSS6.7AI score0.00667EPSS
Exploits0References1
Fedora
Fedora
added 2025/01/29 5:3 a.m.7 views

[SECURITY] Fedora 41 Update: abseil-cpp-20240722.1-1.fc41

Abseil is an open-source collection of C++ library code designed to augment the C++ standard library. The Abseil library code is collected from Google's own C++ code base, has been extensively tested and used in production, and is the same code we depend on in our daily coding lives. In some case...

7.4AI score
Exploits0
NVD
NVD
added 2025/01/06 10:15 p.m.21 views

CVE-2025-21616

Plane is an open-source project management tool. A cross-site scripting XSS vulnerability has been identified in Plane versions prior to 0.23. The vulnerability allows authenticated users to upload SVG files containing malicious JavaScript code as profile images, which gets executed in victims'...

5.4CVSS0.00263EPSS
Exploits1References1
Rows per page
Query Builder