Lucene search
K

402 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-24299

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.00473EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-30650

Malicious code in bioql PyPI...

8.1CVSS6.6AI score0.00209EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-24586

Malicious code in bioql PyPI...

8.8CVSS6.5AI score0.00234EPSS
Exploits0References1
OSV
OSV
added 2025/09/25 5:51 p.m.7 views

CLSA-2025-1758822697 perl-CPAN: Fix of 2 CVEs

CVE-2023-31484: verify TLS certificates when downloading distributions over HTTPS - CVE-2020-16156: fix Signature Verification Bypass...

8.1CVSS5.8AI score0.01548EPSS
Exploits2References1
Gitee
Gitee
added 2025/09/22 1:2 a.m.169 views

security-guide-for-developers

This is a security guide for web developers, covering various security topics such as authentication, authorization, data validation, and encryption. The guide is divided into several sections, including a security checklist, authentication and authorization, data validation and sanitation, and...

6.7AI score
Exploits0
HackRead
HackRead
added 2025/09/18 1:0 p.m.4 views

Palo Alto Networks Acknowledges SquareX Research on Limitations of SWGs Against Last Mile Reassembly Attacks

Palo Alto, California, 18th September 2025, CyberNewsWire...

7AI score
Exploits0
Cvelist
Cvelist
added 2025/09/15 12:0 a.m.9 views

CVE-2025-46408

An issue was discovered in the methods push.lite.avtech.com.AvtechLib.GetHttpsResponse and push.lite.avtech.com.PushHttpService.getNewHttpClient in AVTECH EagleEyes 2.0.0. The methods set ALLOWALLHOSTNAMEVERIFIER, bypassing domain validation...

0.00611EPSS
Exploits3References1
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2023-22081

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions tha...

5.3CVSS6.2AI score0.014EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/13 2:46 p.m.4 views

CVE-2025-54809 F5 Access for Android vulnerability

F5 Access for Android before version 3.1.2 which uses HTTPS does not verify the remote endpoint identity. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.8CVSS7.3AI score0.00234EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/08/13 12:0 a.m.12 views

The vulnerability of the HTTPS protocol implementation in macOS operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the HTTPS protocol’s implementation in macOS systems is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information...

10CVSS5.5AI score0.00717EPSS
Exploits0References4Affected Software1
Packet Storm News
Packet Storm News
added 2025/08/06 12:0 a.m.4 views

Measuring the Carbon Footprint of Cryptographic Privacy-Enhancing Technologies

Privacy-enhancing technologies PETs have attracted significant attention in response to privacy regulations, driving the development of applications that prioritize user data protection. At the same time, the information and communication technology ICT sector faces growing pressure to reduce its...

6.7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/06/27 12:0 a.m.6 views

The vulnerability of the HTTPS-Only Mode mode in the Mozilla Firefox browser allows a hacker to carry out a clickjacking attack.

The vulnerability of the HTTPS-Only Mode mode in the Mozilla Firefox browser is related to information representation errors in the user interface. Exploiting this vulnerability can allow a malicious actor to carry out a clickjacking attack remotely...

5CVSS5.4AI score0.00227EPSS
Exploits0References10Affected Software3
RedhatCVE
RedhatCVE
added 2025/05/23 8:59 a.m.7 views

CVE-2024-6398

An information disclosure vulnerability in SWG in versions 12.x prior to 12.2.10 and 11.x prior to 11.2.24 allows information stored in a customizable block page to be disclosed to third-party websites due to Same Origin Policy Bypass of browsers in certain scenarios. The risk is low, because oth...

5.3CVSS6.1AI score0.00329EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:47 a.m.10 views

CVE-2023-4400

A password management vulnerability in Skyhigh Secure Web Gateway SWG in main releases 11.x prior to 11.2.14, 10.x prior to 10.2.25 and controlled release 12.x prior to 12.2.1, allows some authentication information stored in configuration files to be extracted through SWG REST API. This was...

6.5CVSS6.8AI score0.003EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 12:55 a.m.11 views

CVE-2022-3320

It was possible to bypass policies configured for Zero Trust Secure Web Gateway by using warp-cli 'set-custom-endpoint' subcommand. Using this command with an unreachable endpoint caused the WARP Client to disconnect and allowed bypassing administrative restrictions on a Zero Trust enrolled...

9.8CVSS7AI score0.00378EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:50 a.m.7 views

CVE-2022-20952

A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance WSA, could allow an unauthenticated, remote attacker to bypass a configured rule, thereby allowing traffic onto a network that should have been blocked...

5.3CVSS7.1AI score0.00678EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:2 a.m.5 views

CVE-2018-20809

A crafted message can cause the web server to crash with Pulse Secure Pulse Connect Secure PCS 8.3RX before 8.3R5 and Pulse Policy Secure 5.4RX before 5.4R5. This is not applicable to PCS 8.1RX...

7.5CVSS6.8AI score0.02725EPSS
Exploits0References1
NVD
NVD
added 2025/04/17 4:15 p.m.8 views

CVE-2025-32490

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebsiteDefender wp secure wp-secure-by-sitesecuritymonitorcom allows Stored XSS.This issue affects wp secure: from n/a through = 1.2...

7.1CVSS0.0025EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/02/28 12:0 a.m.11 views

PT-2025-9137

Name of the Vulnerable Software and Affected Versions Brocade ASCG versions prior to 3.2.0 Description The issue concerns the lack of HTTP Strict Transport Security HSTS enforcement in the web interface, as defined by RFC 6797. HSTS is an optional response header that can be configured on the...

9.1CVSS6.2AI score0.00341EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2025/02/24 12:0 a.m.6 views

The vulnerability of the implementation of the Simple Network Management Protocol (SNMP) in Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the implementation of the Simple Network Management Protocol SNMP for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance lies in the insufficient protection of operational data. Exploiting this vulnerability can allow a malicious...

4.3CVSS5.5AI score0.00331EPSS
Exploits0References2Affected Software3
Rows per page
Query Builder