Lucene search
K

148 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2014-9197

Malware in sbrugna...

9CVSS6.4AI score0.0319EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2005-3736

Malware in sbrugna...

5CVSS6.4AI score0.01528EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-17099

Malware in sbrugna...

9.3CVSS7.9AI score0.00726EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-0411

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.01187EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-3257

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.02034EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2021-8086

Malicious code in bioql PyPI...

4CVSS4.1AI score0.00821EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-1857

Malicious code in bioql PyPI...

9.9CVSS8.3AI score0.00342EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-23242

Malicious code in bioql PyPI...

6.3CVSS6.4AI score0.00506EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 11:28 a.m.5 views

EUVD-2025-32239

In Zabbix Agent and Agent 2 on Windows, the OpenSSL configuration file is loaded from a path writable by low-privileged users, allowing malicious modification and potential local privilege escalation by injecting a DLL...

7.3CVSS6.3AI score0.00327EPSS
Exploits2References2
NVD
NVD
added 2025/08/21 3:15 p.m.4 views

CVE-2025-55383

Moss before v0.15 has a file upload vulnerability. The "upload" function configuration allows attackers to upload files of any extension to any location on the target server...

8.6CVSS0.00265EPSS
Exploits0References1
Veracode
Veracode
added 2025/08/19 11:31 a.m.7 views

Code Execution

Vault is vulnerable to code execution. The vulnerability is due to a privileged operator with write access to sys/audit being able to exploit a plugin directory in Vault’s configuration, which allows an attacker to execute arbitrary code on the underlying host...

9.1CVSS8AI score0.00873EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/15 4:27 p.m.3 views

CVE-2025-8995 Authenticator Login - Highly critical - Access bypass - SA-CONTRIB-2025-096

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Authenticator Login allows Authentication Bypass.This issue affects Authenticator Login: from 0.0.0 before 2.1.4...

6.6AI score0.00492EPSS
Exploits0References1
CVE
CVE
added 2025/08/13 9:4 p.m.23 views

CVE-2025-34154

CVE-2025-34154 affects UnForm Server Manager versions prior to 10.1.12. The issue is in the arc endpoint's log file analysis interface, where the fl parameter lacks proper input validation and path sanitization, allowing unauthenticated attackers to read arbitrary files on the host (including OS-...

9.2CVSS7.1AI score0.00783EPSS
Exploits0References4
OSV
OSV
added 2025/07/21 10:15 a.m.4 views

DEBIAN-CVE-2025-50151

File access paths in configuration files uploaded by users with administrator access are not validated. This issue affects Apache Jena version up to 5.4.0. Users are recommended to upgrade to version 5.5.0, which does not allow arbitrary configuration upload...

8.8CVSS5.8AI score0.00937EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/07/04 12:0 a.m.11 views

The vulnerability of Nokia’s Single Radio Access Network management platform lies in the improper limitation of the path name to the restricted access catalog. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Nokia Single RAN network management platform lies in the incorrect limitation of the path name when processing the PlanId parameter. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected informati...

6.5CVSS5.5AI score0.00229EPSS
Exploits0References2
CVE
CVE
added 2025/06/16 2:18 p.m.302 views

CVE-2025-49125

CVE-2025-49125 describes an Authentication Bypass via an Alternate Path or Channel in Apache Tomcat. Affected: Tomcat 11.0.0-M1–11.0.7, 10.1.0-M1–10.1.41, 9.0.0.M1–9.0.105; EOL versions (e.g., 8.5.x) may also be affected. Upstream fix advised: upgrade to Tomcat 11.0.8, 10.1.42 or 9.0.106. The CVS...

7.5CVSS7.6AI score0.03163EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/06/16 11:15 a.m.5 views

AZL-64073 CVE-2025-4748 affecting package erlang 26.2.5.17-1

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP stdlib modules allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl and program routines zip:unzip/1, zip:unzip/2,...

4.8CVSS6.6AI score0.00226EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/06 9:21 a.m.22 views

CVE-2025-48781 Soar Cloud HRD Human Resource Management System - External Control of File Name or Path

An external control of file name or path vulnerability in the download file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to obtain partial files by specifying arbitrary file paths...

8.7CVSS0.0038EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:58 a.m.5 views

CVE-2024-33860

An issue was discovered in Logpoint before 7.4.0. It allows Local File Inclusion LFI when an arbitrary File Path is used within the File System Collector. The content of the file specified can be viewed in the incoming logs...

6.5CVSS7AI score0.00446EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:27 a.m.6 views

CVE-2023-32985

Jenkins Sidebar Link Plugin 2.2.1 and earlier does not restrict the path of files in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system...

4.3CVSS6.6AI score0.72358EPSS
Exploits0References1
Rows per page
Query Builder