
2293 matches found

Snyk
added 2025/08/26 9:33 a.m., 2 views

Malicious Package

Overview: time-server-test is a malicious package. This package contains malicious code intended to exfiltrate data, and its contents have been removed from the official package manager. Although it appears to be a time-related utility, its main function is to collect system information and send i...

9.8 CVSS, 7.1 AI score
Exploits: 0, References: 3

Snyk
added 2025/08/26 9:33 a.m., 1 view

Malicious Package

Overview: time-server-analyzer is a malicious package. This package contains malicious code intended to exfiltrate data, and its contents have been removed from the official package manager. Although it appears to be a time-related utility, its main function is to collect system information and se...

9.8 CVSS, 7.1 AI score
Exploits: 0, References: 3

NVD
added 2025/08/25 7:15 p.m., 6 views

CVE-2025-9414

A vulnerability was found in kalcaddle kodbox 1.61. Affected by this vulnerability is an unknown functionality of the file /?explorer/upload/serverDownload of the component Download from Link Handler. Performing manipulation of the argument url results in server-side request forgery. Remote...

5.8 CVSS, 0.00277 EPSS
Exploits: 0, References: 4

IBM Security Bulletins
added 2025/08/22 3:47 p.m., 8 views

Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty bundled with WebSphere Remote Server affected denial of service due to Apache Commons FileUpload (CVE-2025-48976)

Summary: IBM WebSphere Application Server and WebSphere Application Server Liberty are shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Application Server and WebSphere Application Server Liberty has been published in a security bulletin...

7.5 CVSS, 7.7 AI score, 0.63258 EPSS
Exploits: 1, Affected Software: 1

Redos
added 2025/08/22 12:0 a.m., 10 views

ROS-20250822-21

A vulnerability in the PHP programming language interpreter is related to insufficient null byte checking in the implementation of the fsockopen function when handling hostnames. Exploitation of the vulnerability could allow an attacker acting remotely to perform SSRF attacks. A vulnerability in t...

7.5 CVSS, 7 AI score, 0.00953 EPSS
Exploits: 2

IBM Security Bulletins
added 2025/08/18 3:21 p.m., 5 views

Security Bulletin: IBM WebSphere Application Server which is bundled with WebSphere Remote Server, could provide weaker than expected security (CVE-2025-33142)

Summary: IBM WebSphere Application Server is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details: Refer to the security bulletins listed in the...

7.5 CVSS, 6.6 AI score, 0.00252 EPSS
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2025/08/14 3:13 p.m., 5 views

Security Bulletin: IBM HTTP Server, which is bundled with WebSphere Remote Server, is affected by a security bypass vulnerability (CVE-2025-54090)

Summary: IBM HTTP Server is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM HTTP Server has been published in a security bulletin. Vulnerability Details: Refer to the security bulletins listed in the Remediation/Fixes section. Affected Products and...

6.3 CVSS, 6.7 AI score, 0.00691 EPSS
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2025/08/07 3:41 p.m., 13 views

Security Bulletin: Multiple Vulnerabilities have been identified in IBM Db2 shipped with IBM WebSphere Remote Server

Summary: IBM Db2 is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM Db2 has been published in security bulletins. Vulnerability Details: Refer to the security bulletins listed in the Remediation/Fixes section. Affected Products and Versions: Affected...

9.8 CVSS, 8.5 AI score, 0.01966 EPSS
Exploits: 2, Affected Software: 1

CNNVD
added 2025/08/04 12:0 a.m., 5 views

StarDict security vulnerability

StarDict is a desktop dictionary software from StarDict open source. A security vulnerability exists in StarDict version 3.0.7+git20220909+dfsg-6, which stems from the YouDao plugin sending X11 selections to a remote server via plaintext HTTP...

4.7 CVSS, 6.5 AI score, 0.00361 EPSS
Exploits: 0, References: 7

Exploit DB
added 2025/08/03 12:0 a.m., 461 views

Swagger UI 1.0.3 - Cross-Site Scripting (XSS)

/ Author : Byte Reaper Telegram : @ByteReaper0 CVE : CVE-2025-8191 Title : Swagger UI 1.0.3 - Cross-Site Scripting XSS Description : CVE-2025-8191, a vulnerability in the Swagger UI service due to poor description parameter filtering, leading to command execution on a remote server. / include...

5.4 CVSS, 3.9 AI score, 0.01646 EPSS
Exploits: 3

RedHat Linux
added 2025/07/23 2:25 p.m., 5 views

git: Git arbitrary file writes

A bundled uri handling flaw was found in Git. When cloning a repository, Git knows to optionally fetch a bundle advertised by the remote server, which allows the server side to offload parts of the clone to a CDN. The Git client does not perform sufficient validation of the advertised bundles,...

8.6 CVSS, 5.8 AI score, 0.00785 EPSS
Exploits: 0, References: 5

IBM Security Bulletins
added 2025/07/22 8:21 p.m., 18 views

Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty, which are bundled with WebSphere Remote Server, are affected by a security bypass vulnerability (CVE-2024-56339)

Summary: IBM WebSphere Application Server and WebSphere Application Server Liberty are shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Application Server and WebSphere Application Server Liberty has been published in a security bulletin...

7.5 CVSS, 6.7 AI score, 0.00373 EPSS
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2025/07/22 5:49 p.m., 8 views

Security Bulletin: IBM HTTP Server, which is bundled with WebSphere Remote Server, is affected by multiple vulnerabilities due to the included Apache HTTP Server

Summary: IBM HTTP Server is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM HTTP Server has been published in a security bulletin. Vulnerability Details: Refer to the security bulletins listed in the Remediation/Fixes section. Affected Products and...

7.5 CVSS, 5.8 AI score, 0.01094 EPSS
Exploits: 0, Affected Software: 1

RedHat Linux
added 2025/07/22 12:3 p.m., 4 views

git: Git arbitrary file writes

A bundled uri handling flaw was found in Git. When cloning a repository, Git knows to optionally fetch a bundle advertised by the remote server, which allows the server side to offload parts of the clone to a CDN. The Git client does not perform sufficient validation of the advertised bundles,...

8.6 CVSS, 5.8 AI score, 0.00785 EPSS
Exploits: 0, References: 5

IBM Security Bulletins
added 2025/07/14 4:40 p.m., 9 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with WebSphere Remote Server, is affected by an arbitrary code execution vulnerability (CVE-2025-36038)

Summary: IBM WebSphere Application Server is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details: Refer to the security bulletins listed in the...

9.8 CVSS, 7.6 AI score, 0.08023 EPSS
Exploits: 0, Affected Software: 1

BDU FSTEC
added 2025/07/14 12:0 a.m., 8 views

The vulnerability of the graphical SFTP and SCP client for the Windows operating system, WinSCP, arises from incorrect path name restrictions for access-controlled directories. This allows attackers to create a special file and control its path on a remote server.

The vulnerability of the graphical SFTP and SCP client programs for the Windows operating system is related to incorrect path name restrictions for access to restricted directories. Exploiting this vulnerability allows an attacker to create a special file and control its path on a remote server...

6.8 CVSS, 5.6 AI score
Exploits: 0, References: 1, Affected Software: 1

OSV
added 2025/07/08 5:0 p.m., 2 views

UBUNTU-CVE-2025-48385

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When cloning a repository Git knows to optionally fetch a bundle advertised by the remote server, which allows the server-side to...

8.6 CVSS, 6.2 AI score, 0.00785 EPSS
Exploits: 0, References: 4

NVD
added 2025/07/08 1:15 a.m., 11 views

CVE-2025-42978

The widely used component that establishes outbound TLS connections in SAP NetWeaver Application Server Java does not reliably match the hostname that is used for the connection against the wildcard hostname defined in the received certificate of remote TLS server. This might lead to the outbound...

3.5 CVSS, 0.00119 EPSS
Exploits: 0, References: 2

IBM Security Bulletins
added 2025/06/27 9:16 p.m., 8 views

Security Bulletin: Multiple Vulnerabilities have been identified in IBM Db2 shipped with IBM WebSphere Remote Server

Summary: IBM Db2 is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM Db2 has been published in a security bulletin. Vulnerability Details: Refer to the security bulletins listed in the Remediation/Fixes section. Affected Products and Versions: Affect...

10 CVSS, 7.1 AI score, 0.3884 EPSS
Exploits: 10, Affected Software: 1

OSSF Malicious Packages
added 2025/06/17 5:32 a.m., 2 views

Malicious code in readium-shared-js (npm)

Malicious preinstall script exfiltrates system info hostname, user, pwd, id to a remote server. Likely a malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0c907ca12944ad675a60dbfd27a1680a1b2ebf1186512d0106676795741a558a Any computer that has this package...

7 AI score
Exploits: 0, References: 5