Lucene search
K

48 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-23795

Malware in sbrugna...

6.5CVSS6.5AI score0.07511EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-6941

Malicious code in bioql PyPI...

8.6CVSS8.7AI score0.00722EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2023-36952

Malicious code in bioql PyPI...

9.6CVSS9.1AI score0.00849EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-30355

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00546EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 5:38 a.m.5 views

CVE-2023-26560

Northern.tech CFEngine Enterprise before 3.21.1 allows a subset of authenticated users to leverage the Scheduled Reports feature to read arbitrary files and potentially discover credentials...

6.5CVSS6.5AI score0.00546EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:12 a.m.7 views

CVE-2022-23940

SuiteCRM through 7.12.1 and 8.x through 8.0.1 allows Remote Code Execution. Authenticated users with access to the Scheduled Reports module can achieve this by leveraging PHP deserialization in the emailrecipients property. By using a crafted request, they can create a malicious report, containin...

8.8CVSS7.3AI score0.54165EPSS
Exploits2References1
Rosalinux
Rosalinux
added 2024/06/27 10:45 a.m.23 views

Advisory ROSA-SA-2024-2436

software: cfengine 3.21.3 OS: ROSA-CHROME packageevrstring: cfengine-3.21.3-1 CVE-ID: CVE-2021-36756 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: There is no SSL certificate validation in CFEngine Enterprise. CVE-STATUS: Fixed CVE-REV: To close, execute command: sudo dnf update cfengine CVE-ID:...

6.5CVSS6.4AI score0.00546EPSS
Exploits2
OSV
OSV
added 2023/12/18 10:15 a.m.7 views

CVE-2023-32725

The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user...

8.8CVSS6.6AI score
Exploits0References1
OSV
OSV
added 2023/12/18 10:15 a.m.3 views

DEBIAN-CVE-2023-32725

The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user...

8.8CVSS8.4AI score0.00849EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2023/12/18 10:15 a.m.64 views

CVE-2023-32725

The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user...

9.6CVSS7.2AI score0.00849EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2023/12/18 9:15 a.m.50 views

CVE-2023-32725

The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user...

9.6CVSS7.1AI score0.00849EPSS
Exploits0
OSV
OSV
added 2023/05/28 10:15 p.m.20 views

CVE-2021-4336

A vulnerability was found in ITRS Group monitor-ninja up to 2021.11.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file modules/reports/models/scheduledreports.php. The manipulation leads to sql injection. Upgrading to version 2021.11.30 is able to...

9.8CVSS7.8AI score
Exploits0References4
Cvelist
Cvelist
added 2023/05/28 10:0 p.m.22 views

CVE-2021-4336 ITRS Group monitor-ninja scheduled_reports.php sql injection

A vulnerability was found in ITRS Group monitor-ninja up to 2021.11.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file modules/reports/models/scheduledreports.php. The manipulation leads to sql injection. Upgrading to version 2021.11.30 is able to...

5.5CVSS10AI score0.00604EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/05/28 12:0 a.m.4 views

PT-2023-12439 · Itrs · Monitor-Ninja

Name of the Vulnerable Software and Affected Versions: ITRS Group monitor-ninja versions up to 2021.11.1 Description: A critical issue affects some unknown functionality of the file modules/reports/models/scheduled reports.php, leading to sql injection. The estimated number of potentially affecte...

9.8CVSS6.1AI score0.00604EPSS
Exploits0References7
NVD
NVD
added 2023/04/26 12:15 a.m.27 views

CVE-2023-26560

Northern.tech CFEngine Enterprise before 3.21.1 allows a subset of authenticated users to leverage the Scheduled Reports feature to read arbitrary files and potentially discover credentials...

6.5CVSS6.1AI score0.00546EPSS
Exploits0References2
OSV
OSV
added 2023/04/26 12:15 a.m.24 views

CVE-2023-26560

Northern.tech CFEngine Enterprise before 3.21.1 allows a subset of authenticated users to leverage the Scheduled Reports feature to read arbitrary files and potentially discover credentials...

6.5CVSS6.7AI score0.00546EPSS
Exploits0References2
Prion
Prion
added 2023/04/26 12:15 a.m.18 views

Design/Logic Flaw

Northern.tech CFEngine Enterprise before 3.21.1 allows a subset of authenticated users to leverage the Scheduled Reports feature to read arbitrary files and potentially discover credentials...

4CVSS6.1AI score0.00546EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 2023/04/26 12:15 a.m.22 views

CVE-2023-26560

Northern.tech CFEngine Enterprise before 3.21.1 allows a subset of authenticated users to leverage the Scheduled Reports feature to read arbitrary files and potentially discover credentials...

6.5CVSS6.7AI score0.00546EPSS
Exploits0
Cvelist
Cvelist
added 2023/04/25 12:0 a.m.35 views

CVE-2023-26560

Northern.tech CFEngine Enterprise before 3.21.1 allows a subset of authenticated users to leverage the Scheduled Reports feature to read arbitrary files and potentially discover credentials...

6.3AI score0.00546EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/11/02 12:0 a.m.3 views

Splunk 资源管理错误漏洞

Splunk is a suite of data collection and analysis software from Splunk, Inc. in the United States. The software is primarily used to collect, index, and analyze and the data it generates, including data generated by all IT systems and infrastructures physical, virtual machines, and cloud. A...

6.5CVSS6.5AI score0.00794EPSS
Exploits0References4
Rows per page
Query Builder