Lucene search
+L

160 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-46546

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00368EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-36856

Malicious code in bioql PyPI...

8.1CVSS7AI score0.00287EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-1999

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00933EPSS
Exploits0References6
OSV
OSV
added 2025/07/12 6:30 p.m.5 views

GHSA-7PGF-PPXW-8624 Apache Zeppelin exposes server resources to unauthenticated attackers

The attacker can use the raft server protocol in an unauthenticated way. The attacker can see the server's resources, including directories and files. This issue affects Apache Zeppelin: from 0.10.1 up to 0.12.0. Users are recommended to upgrade to version 0.12.0, which fixes the issue by removin...

7.5CVSS6.3AI score0.00564EPSS
Exploits0References6
NVD
NVD
added 2025/07/12 5:15 p.m.7 views

CVE-2024-41169

The attacker can use the raft server protocol in an unauthenticated way. The attacker can see the server's resources, including directories and files. This issue affects Apache Zeppelin: from 0.10.1 up to 0.12.0. Users are recommended to upgrade to version 0.12.0, which fixes the issue by removin...

7.5CVSS0.00564EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/07/10 12:0 a.m.5 views

Honeywell Experion Server 安全漏洞

Honeywell Experion Server is a high-performance industrial control system server from Honeywell USA for the Experion Process Knowledge System PKS platform. A security vulnerability exists in Honeywell Experion Server PKS versions 520.1 to 520.2 TCU9 HF1 and 530 to 530 TCU3, and OneWireless WDM...

6.5CVSS6.2AI score0.00231EPSS
Exploits0References3
Snyk
Snyk
added 2025/06/23 8:41 p.m.3 views

Exposure of Resource to Wrong Sphere

Overview Affected versions of this package are vulnerable to Exposure of Resource to Wrong Sphere via the duplicated context process. An attacker can access sensitive data from another transaction by triggering the duplication of an already duplicated context. Note: Duplicating a duplicated conte...

7.4CVSS8.9AI score0.00256EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 9:16 a.m.5 views

CVE-2024-28023

A vulnerability exists in the message queueing mechanism that if exploited can lead to the exposure of resources or functionality to unintended actors, possibly providing attackers with sensitive information or even execute arbitrary code...

5.7CVSS7.2AI score0.00167EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:56 a.m.6 views

CVE-2024-5313

CWE-668: Exposure of the Resource Wrong Sphere vulnerability exists that exposes a SSH interface over the product network interface. This does not allow to directly exploit the product or make any unintended operation as the SSH interface access is protected by an authentication mechanism. Impact...

6.5CVSS7.2AI score0.00368EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:48 a.m.6 views

CVE-2023-31103

Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers can change the immutable name and type of cluster of InLong. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick...

7.5CVSS6.8AI score0.01304EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:32 a.m.5 views

CVE-2023-5751

A local attacker with low privileges can read and modify any users files and cause a DoS in the working directory of the affected products due to exposure of resource to wrong sphere...

7.8CVSS6.6AI score0.00172EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 10:31 p.m.7 views

CVE-2022-32530

A CWE-668 Exposure of Resource to Wrong Sphere vulnerability exists that could cause users to be misled, hiding alarms, showing the wrong server connection option or the wrong control request when a mobile device has been compromised by a malicious application. Affected Product: Geo SCADA Mobile...

7.8CVSS6.8AI score0.00418EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/15 3:6 p.m.21 views

CVE-2025-3522 Leak of hashed Window credentials via crafted attachment URL

Thunderbird processes the X-Mozilla-External-Attachment-URL header to handle attachments which can be hosted externally. When an email is opened, Thunderbird accesses the specified URL to determine file size, and navigates to it when the user clicks the attachment. Because the URL is not validate...

0.00258EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/05 3:43 p.m.9 views

CVE-2020-5280

http4s before versions 0.18.26, 0.20.20, and 0.21.2 has a local file inclusion vulnerability. This vulnerability applies to all users of org.http4s.server.staticcontent.FileService, org.http4s.server.staticcontent.ResourceService and org.http4s.server.staticcontent.WebjarService. URI normalizatio...

7.6CVSS6.4AI score0.06817EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/12/18 12:0 a.m.11 views

The vulnerability of the Ruijie Reyee OS operating system, related to the exposure of resources for unauthorized parties, allows a violator to obtain the device serial number.

The vulnerability of the Ruijie Reyee OS is related to the exposure of resources for unauthorized parties. Exploiting this vulnerability allows a remote attacker to obtain the device’s serial number by intercepting Wi-Fi signals...

6.5CVSS8AI score0.00282EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2024/07/11 5:15 p.m.34 views

CVE-2024-39553

An Exposure of Resource to Wrong Sphere vulnerability in the sampling service of Juniper Networks Junos OS Evolved allows an unauthenticated network-based attacker to send arbitrary data to the device, which leads msvcsd process to crash with limited availability impacting Denial of Service DoS a...

6.9CVSS0.00398EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/07/10 12:0 a.m.12 views

PT-2024-28529 · Juniper Networks · Junos Evolved

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS Evolved versions 21.4 through 21.4R3-S7-EVO Juniper Networks Junos OS Evolved versions 22.2 through 22.2R3-S3-EVO Juniper Networks Junos OS Evolved versions 22.3 through 22.3R3-S2-EVO Juniper Networks Junos OS Evolve...

6.9CVSS7.5AI score0.00398EPSS
Exploits1References6
NVD
NVD
added 2024/06/11 2:15 p.m.20 views

CVE-2024-28023

A vulnerability exists in the message queueing mechanism that if exploited can lead to the exposure of resources or functionality to unintended actors, possibly providing attackers with sensitive information or even execute arbitrary code...

5.7CVSS0.00167EPSS
Exploits0References1
CVE
CVE
added 2024/06/11 1:55 p.m.45 views

CVE-2024-28023

The CVE-2024-28023 entry concerns a vulnerability in the message queueing mechanism used by Hitachi Energy FOXMAN-UN / UNEM (Hitachi FOXMAN-UN server and related APIGateway components). Connected documents corroborate a risk that exploitation could lead to exposure of resources or functionality t...

5.7CVSS5.9AI score0.00167EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/11 1:55 p.m.15 views

CVE-2024-28023

A vulnerability exists in the message queueing mechanism that if exploited can lead to the exposure of resources or functionality to unintended actors, possibly providing attackers with sensitive information or even execute arbitrary code...

5.7CVSS7.2AI score0.00167EPSS
Exploits0References1
Rows per page
Query Builder