Lucene search

186 matches found

EUVD
added 2025/12/29 9:32 a.m. | 4 views

EUVD-2025-205569

A weakness has been identified in code-projects Refugee Food Management System 1.0. This affects an unknown function of the file /home/served.php. Executing manipulation of the argument refNo can lead to sql injection. The attack can be executed remotely. The exploit has been made available to th...

7.5 CVSS | 6.5 AI score | 0.00322 EPSS
Exploits 0 | References 6

EUVD
added 2025/12/24 9:30 p.m. | 3 views

EUVD-2025-205348

FLIR Brickstream 3D+ 2.1.742.1842 contains an unauthenticated vulnerability in the ExportConfig REST API that allows attackers to download sensitive configuration files. Attackers can exploit the getConfigExportFile.cgi endpoint to retrieve system configurations, potentially enabling authenticati...

8.7 CVSS | 6.7 AI score | 0.00434 EPSS
Exploits 1 | References 4

EUVD
added 2025/12/24 9:30 p.m. | 3 views

EUVD-2025-205350

Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 contains a stored cross-site scripting vulnerability in the configuration file upload functionality. Attackers can upload a malicious HTML file to that executes arbitrary JavaScript in a user's browser session when viewed...

7.2 CVSS | 5.6 AI score | 0.00238 EPSS
Exploits 1 | References 4

EUVD
added 2025/12/24 12:30 p.m. | 2 views

EUVD-2025-205137

In the Linux kernel, the following vulnerability has been resolved: iommufd: Make sure to zero vfio_iommu_type1_info before copying to user. Missed a zero initialization here. Most of the struct is filled with a copy_from_user, however minsz for that copy is smaller than the actual struct by 8 bytes,...

6 AI score | 0.00145 EPSS
Exploits 0 | References 3

EUVD
added 2025/12/24 12:30 p.m. | 4 views

EUVD-2025-205176

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921s: fix slab-out-of-bounds access in sdio host. SDIO may need additional 511 bytes to align bus operation. If the tailroom of this skb is not big enough, we would access invalid memory region. For low level...

6 AI score | 0.00167 EPSS
Exploits 0 | References 4

OSV
added 2025/12/23 10:15 p.m. | 2 views

CVE-2025-14494

RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of RealDefense SUPERAntiSpyware. An attacker must first obtain the ability to execute low-privileged code on...

7.8 CVSS | 6.2 AI score | 0.00171 EPSS
Exploits 0 | References 1

EUVD
added 2025/12/23 9:30 p.m. | 4 views

EUVD-2025-204813

NSF Unidata NetCDF-C NC Variable Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NSF Unidata NetCDF-C. User interaction is required to exploit this vulnerability in that the target must visit a...

7.8 CVSS | 7.2 AI score | 0.0031 EPSS
Exploits 0 | References 3

EUVD
added 2025/12/23 9:30 p.m. | 3 views

EUVD-2025-204828

CMSimple 5.4 contains an authenticated remote code execution vulnerability that allows logged-in attackers to inject malicious PHP code into template files. Attackers can exploit the template editing functionality by crafting a reverse shell payload and saving it through the template editing...

8.8 CVSS | 7.5 AI score | 0.0076 EPSS
Exploits 1 | References 5

EUVD
added 2025/12/23 9:30 p.m. | 3 views

EUVD-2025-204823

Hugging Face Transformers SEW-D convertconfig Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the...

7.8 CVSS | 7.4 AI score | 0.00278 EPSS
Exploits 0 | References 3

EUVD
added 2025/12/19 6:31 p.m. | 6 views

EUVD-2025-204573

DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2025-67037. Reason: This record is a reservation duplicate of CVE-2025-67037. Notes: All CVE users should reference CVE-2025-67037 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage...

6.4 AI score | 0.00384 EPSS
Exploits 0 | References 1

EUVD
added 2025/11/20 12:31 a.m. | 3 views

EUVD-2025-198240

EUVD-2025-198240...

7.5 CVSS | 6.4 AI score | 0.00339 EPSS
Exploits 1 | References 6

EUVD
added 2025/11/19 9:31 p.m. | 5 views

EUVD-2025-198168

A path traversal vulnerability found in FileCodeBox v2.2 and earlier allows arbitrary file writes when the application is configured to use local filesystem storage. SystemFileStorage.savefile method in core/storage.py uses filenames from user input without validation to construct savepath and save...

6.3 AI score | 0.00465 EPSS
Exploits 1 | References 3

EUVD
added 2025/11/19 6:31 p.m. | 2 views

EUVD-2025-198172

The Newtec Celox UHD models: CELOXA504, CELOXA820 running firmware version celox-21.6.13 is vulnerable to an authentication bypass. An attacker can exploit this issue by modifying intercepted responses from the /celoxservice endpoint. By injecting a forged response body during the loginWithUserNa...

9.8 CVSS | 6.7 AI score | 0.00497 EPSS
Exploits 1 | References 4

EUVD
added 2025/11/12 12:0 a.m. | 2 views

EUVD-2025-131952

A SQL injection vulnerability exists in the login functionality of WellSky Harmony version 4.1.0.2.83 within the 'xmHarmony.asp' endpoint. User-supplied input to the 'TXTUSERID' parameter is not properly sanitized before being incorporated into a SQL query. Successful authentication may lead to...

7.5 AI score | 0.00436 EPSS
Exploits 0 | References 4

EUVD
added 2025/11/05 7:27 a.m. | 4 views

EUVD-2025-37787

The KiotViet Sync plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.8.5. This is due to the plugin using a hardcoded password for authentication in the QueryControllerAdmin::authenticated function. This makes it possible for unauthenticated attacke...

5.3 CVSS | 6 AI score | 0.00272 EPSS
Exploits 0 | References 4

EUVD
added 2025/11/05 6:30 a.m. | 2 views

EUVD-2025-37814

Not used...

6.4 AI score
Exploits 0 | References 1

EUVD
added 2025/11/04 9:31 p.m. | 8 views

EUVD-2025-37834

EUVD-2025-37834...

7.5 CVSS | 6.4 AI score | 0.00296 EPSS
Exploits 0 | References 3

EUVD
added 2025/11/04 6:19 a.m. | 5 views

EUVD-2025-37577

In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for...

7.5 CVSS | 6.5 AI score | 0.00442 EPSS
Exploits 0 | References 2

EUVD
added 2025/11/04 1:15 a.m. | 4 views

EUVD-2025-37650

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to access sensitive user data...

7.5 CVSS | 5.8 AI score | 0.00111 EPSS
Exploits 0 | References 3

EUVD
added 2025/11/04 1:15 a.m. | 3 views

EUVD-2025-37644

A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to gain root privileges...

7.8 CVSS | 6 AI score | 0.00173 EPSS
Exploits 1 | References 3