Lucene search
K

484 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2007-5901

Malware in sbrugna...

5CVSS6.4AI score0.01256EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2011-4781

Malware in sbrugna...

5.8CVSS6.4AI score0.01054EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: mysql (UTSA-2025-986145)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986145 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Information Schema. Supported versions that are affected are 5.7.33 and prior and 8.0.23...

4.9CVSS6.3AI score0.01388EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/10/06 5:58 p.m.6 views

CVE-2025-6985 XXE Vulnerability in langchain-ai/langchain

The HTMLSectionSplitter class in langchain-text-splitters version 0.3.8 is vulnerable to XML External Entity XXE attacks due to unsafe XSLT parsing. This vulnerability arises because the class allows the use of arbitrary XSLT stylesheets, which are parsed using lxml.etree.parse and lxml.etree.XSL...

7.5CVSS6.5AI score0.00604EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-29146

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00604EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-45077

Malicious code in bioql PyPI...

8.8CVSS6.4AI score0.00638EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-50028

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00279EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-13691

Malicious code in bioql PyPI...

7.2CVSS6.6AI score0.00267EPSS
Exploits0References1
Redos
Redos
added 2025/09/23 12:0 a.m.4 views

ROS-20250923-07

The vulnerability of the core server component of the PostgreSQL database management system is related to flaws in the in access control. Exploitation of the vulnerability could allow a remote intruder to bypass ACL security restrictions and gain unauthorized access to protected information. ACL...

8.8CVSS8.2AI score0.00709EPSS
Exploits1
Rosalinux
Rosalinux
added 2025/09/09 9:29 a.m.6 views

Advisory ROSA-SA-2025-2957

Software: perl-CPAN 2.18 OS: ROSA Virtualization 2.1 unaffected versions = perl-CPAN-2.18-397.0.1.rv3 affected versions perl-CPAN-2.18-397.0.1.rv3 CVE-ID: CVE-2023-31484 BDU-ID: 2023-03871 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the CPAN.pm component of the Perl programming language is relat...

8.1CVSS8.1AI score0.01548EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/08/30 6:20 p.m.4 views

CVE-2025-45968

An issue in System PDV v1.0 allows a remote attacker to obtain sensitive information via the hash parameter in a URL. The application contains an Insecure Direct Object Reference IDOR vulnerability, which occurs due to a lack of proper authorization checks when accessing objects referenced by thi...

9.8CVSS6.7AI score0.00584EPSS
Exploits1References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/29 2:37 p.m.3 views

Security Bulletin: Java SE Hotspot Vulnerability Enables Remote Data Access and Modification via Multiple Protocols, which affects IBM watsonx.data

Summary Vulnerability in Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to accessib...

4.8CVSS6.7AI score0.0095EPSS
Exploits0Affected Software1
OSV
OSV
added 2025/08/26 11:15 p.m.4 views

CVE-2025-0093

In handleBondStateChanged of AdapterService.java, there is a possible unapproved data access due to a missing permission check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...

7.5CVSS5.9AI score0.00297EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/25 12:0 a.m.3 views

CVE-2025-45968

An issue in System PDV v1.0 allows a remote attacker to obtain sensitive information via the hash parameter in a URL. The application contains an Insecure Direct Object Reference IDOR vulnerability, which occurs due to a lack of proper authorization checks when accessing objects referenced by thi...

6.7AI score0.00584EPSS
Exploits1References1
CVE
CVE
added 2025/08/25 12:0 a.m.12 views

CVE-2025-55575

Summary: CVE-2025-55575 is a SQL Injection vulnerability in SMM Panel 3.1 that allows remote attackers to disclose sensitive information via a crafted HTTP request with the parameter action=service_detail. The CVSS v3.1 base score is 9.8 (CRITICAL) with network access, low attack complexity, no p...

9.8CVSS8.2AI score0.00416EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2017-10274

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Java SE component of Oracle Java SE subcomponent: Smart Card IO. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and ...

6.8CVSS7.1AI score0.02635EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/08/11 12:0 a.m.11 views

The vulnerability of the `update-ldcache` function in software for creating and running NVIDIA Container Toolkit containers and NVIDIA GPU Operator resource management software allows a malicious actor to gain unauthorized access to protected information or cause service failures.

The vulnerability in the update-ldcache function of software for creating and running NVIDIA Container Toolkit containers, as well as the NVIDIA GPU Operator resource management software, arises from an improper definition of symbolic references before accessing files. Exploiting this vulnerabili...

8.5CVSS7.8AI score0.00679EPSS
Exploits0References3Affected Software5
BDU FSTEC
BDU FSTEC
added 2025/08/07 12:0 a.m.6 views

The vulnerability of the distributed Git version control system, related to improper filtering of output data, allows a malicious actor to gain read, modify, or delete access to data, or execute arbitrary code.

The vulnerability of the distributed Git version control system is related to improper filtering of output data during the extraction or sending of message exchanges from the server. Exploiting this vulnerability can allow a remote attacker to gain read, modify, or delete access to data, or execu...

7.6CVSS7.6AI score0.00494EPSS
Exploits1References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/07/30 12:0 a.m.8 views

The software’s vulnerability related to secure remote access to data in Palo Alto Networks GlobalProtect App allows a intruder to escalate their privileges. This vulnerability arises from errors in privilege management.

The vulnerability of the software for providing secure remote access to data in the Palo Alto Networks GlobalProtect App is related to errors in privilege management. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS5.5AI score0.00141EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/21 12:0 a.m.9 views

The vulnerability of the ColdFusion software platform lies in the improper limitation of XML references to external objects. This allows attackers to gain unauthorized access to protected information or circumvent existing security restrictions, thereby causing service failures.

The vulnerability of the ColdFusion software platform is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information or circumvent existing security...

9.3CVSS5.5AI score0.00548EPSS
Exploits0References2
Rows per page
Query Builder