Lucene search
+L

108 matches found

OSV
OSV
added 2025/11/12 4:47 p.m.3 views

MAL-2025-155008 Malicious code in fatidra-nutasyua-isaufy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e7da5494e48e6fadfb6b6b1775091eea12da0b78ceed684beb63b2968a665c66 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/11 8:46 p.m.3 views

MAL-2025-126980 Malicious code in hadi-empal3-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 54f42324ffd34b65366598af839daa4d944ee1773faaa65f8903e28af33d8031 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/11 4:25 a.m.3 views

MAL-2025-92248 Malicious code in wibowo-naget41-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0debba03b8dabad96cc6b2f90be0432b49ab4455793587af51fc14851463c29c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-1032

Malware in sbrugna...

9.8CVSS9.5AI score0.02016EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.11 views

EUVD-2007-4894

Malware in sbrugna...

7.5CVSS6.4AI score0.01231EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-14002

Malware in sbrugna...

4CVSS4.6AI score0.00307EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-1324

Malware in sbrugna...

9.8CVSS9.2AI score0.02487EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2025-28623

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00734EPSS
Exploits0References1
CNVD
CNVD
added 2025/08/27 12:0 a.m.5 views

JetBrains TeamCity Information Disclosure Vulnerability

JetBrains TeamCity is a Continuous Integration/Continuous Deployment CI/CD tool developed by JetBrains to automate the software build, test, and deployment process with support for multiple programming languages and tools. JetBrains TeamCity suffers from an information disclosure vulnerability th...

6.5CVSS6.6AI score0.00734EPSS
Exploits0References1
NVD
NVD
added 2025/08/20 10:15 a.m.10 views

CVE-2025-57734

In JetBrains TeamCity before 2025.07.1 aWS credentials were exposed in Docker script files...

6.5CVSS0.00734EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/20 9:14 a.m.7 views

CVE-2025-57734

In JetBrains TeamCity before 2025.07.1 aWS credentials were exposed in Docker script files...

4.3CVSS6.6AI score0.00734EPSS
Exploits0References1
CVE
CVE
added 2025/08/20 9:14 a.m.28 views

CVE-2025-57734

In JetBrains TeamCity, versions prior to 2025.07.1 expose AWS credentials inside Docker script files, constituting an information disclosure vulnerability. Supported by multiple sources in the connected set (e.g., Red Hat advisory and PT Security note) consistently identifying the affected softwa...

6.5CVSS7.2AI score0.00734EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/08/20 9:14 a.m.11 views

CVE-2025-57734

In JetBrains TeamCity before 2025.07.1 aWS credentials were exposed in Docker script files...

4.3CVSS0.00734EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/20 12:0 a.m.4 views

JetBrains TeamCity 安全漏洞

JetBrains TeamCity is a Continuous Integration/Continuous Deployment CI/CD tool developed by JetBrains to automate the software build, test, and deployment process with support for multiple programming languages and tools. JetBrains TeamCity suffers from an information disclosure vulnerability th...

6.5CVSS6.2AI score0.00734EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/20 12:0 a.m.15 views

PT-2025-34035 · Jetbrains · Teamcity

Name of the Vulnerable Software and Affected Versions: TeamCity versions prior to 2025.07.1 Description: TeamCity was affected by an issue where AWS credentials were exposed in Docker script files. Recommendations: Update to TeamCity version 2025.07.1 or later...

6.5CVSS6.4AI score0.00734EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/22 5:30 p.m.7 views

CVE-2020-6288

SAP Business Objects Business Intelligence Platform Web Intelligence HTML interface allows an attacker with edit document rights to upload any file including script files without proper file format validation leading to Unrestricted upload of file with dangerous type vulnerability. The attacker c...

5.3CVSS6.8AI score0.00656EPSS
Exploits0References1
CVE
CVE
added 2025/04/09 10:21 p.m.141 views

CVE-2025-24375

The CVE-2025-24375 entry concerns the Charmed MySQL K8s operator (and machine operator) with credential leakage risk. Root cause: the operator calls the mysql-shell/DDL scripts by writing a temporary script file containing full URIs with user credentials, created with read permissions (0644); unp...

5CVSS5.2AI score0.00158EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/11/11 12:0 a.m.4 views

PT-2024-34371 · Schrödinger · Pymol

Name of the Vulnerable Software and Affected Versions: PyMOL version 2.5.0 Description: The issue arises from the "Run Script" function in PyMOL, which allows the execution of arbitrary Python code embedded within .PYM files. This enables attackers to craft malicious .PYM files containing Python...

9.8CVSS7.9AI score0.01211EPSS
Exploits0References10
CNNVD
CNNVD
added 2024/10/05 12:0 a.m.6 views

WordPress plugin CSS JS Files 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...

4.9CVSS6.8AI score0.00564EPSS
Exploits0References2
OSV
OSV
added 2024/05/17 11:4 p.m.15 views

GHSA-6CJ3-RC4P-F38F Cross-site Scripting vulnerabilities in Neos

It has been discovered that Neos is vulnerable to several XSS attacks. Through these vulnerabilities, an attacker could tamper with page rendering, redirect victims to a fake login page, or capture user credentials such as cookies. With the potential backdoor upload an attacker could gain access ...

5.8AI score
Exploits0References3
Rows per page
Query Builder