Lucene search
K

555 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-2484

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.00449EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-30592

Malicious code in bioql PyPI...

6.5CVSS6.9AI score0.00771EPSS
Exploits1References2
Gitee
Gitee
added 2025/09/21 10:50 p.m.92 views

geminabox

It is an offensive tool for RubyGem hosting. The repository contains a simple RubyGem hosting system called Gem in a Box. It allows users to host their own RubyGems, and it includes features such as user authentication, gem versioning, and a web interface for browsing and downloading gems. The to...

7.2AI score
Exploits0
Cvelist
Cvelist
added 2025/09/09 8:10 p.m.15 views

CVE-2025-54255 Acrobat Reader | Violation of Secure Design Principles (CWE-657)

Acrobat Reader versions 24.001.30254, 20.005.30774, 25.001.20672 and earlier are affected by a Violation of Secure Design Principles vulnerability that could result in a security feature bypass impacting integrity. An attacker does not have to be authenticated. Exploitation of this issue does not...

4CVSS0.00249EPSS
Exploits0References1
OSV
OSV
added 2025/09/09 5:15 p.m.3 views

CVE-2025-54252

Adobe Experience Manager versions 6.5.23.0 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. This could result in bypassing security features within the application...

5.4CVSS5.7AI score0.0462EPSS
Exploits0References1
Gitee
Gitee
added 2025/09/06 12:2 a.m.160 views

ruby-dragonfly

This repository is an offensive tool for Ruby. It is a highly customizable gem for handling images and other attachments, and is already in use on thousands of websites. The tool is designed to generate image thumbnails in Rails and to manage attachments in web applications. It provides a range o...

7.1AI score
Exploits0
Github Security Blog
Github Security Blog
added 2025/08/18 9:31 a.m.15 views

Spring Framework MVC Applications Path Traversal Vulnerability

Spring Framework MVC applications can be vulnerable to a “Path Traversal Vulnerability” when deployed on a non-compliant Servlet container. An application can be vulnerable when all the following are true: the application is deployed as a WAR or with an embedded Servlet container the Servlet...

5.9CVSS7.1AI score0.01916EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2025/08/12 12:0 a.m.5 views

Adobe Commerce 安全漏洞

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. Adobe Commerce has a security vulnerability that can be exploited by an attacker to cause a security feature bypass...

5.9CVSS6.7AI score0.00387EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/07/25 12:0 a.m.5 views

NewStart CGSL MAIN 7.02 : python-pynacl Vulnerability (NS-SA-2025-0193)

The remote NewStart CGSL host, running version MAIN 7.02, has python-pynacl packages installed that are affected by a vulnerability: - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks suc...

5.9CVSS7.1AI score0.9378EPSS
Exploits4References3
Tenable Nessus
Tenable Nessus
added 2025/07/25 12:0 a.m.3 views

NewStart CGSL MAIN 7.02 : libssh Vulnerability (NS-SA-2025-0184)

The remote NewStart CGSL host, running version MAIN 7.02, has libssh packages installed that are affected by a vulnerability: - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that...

5.9CVSS7.1AI score0.9378EPSS
Exploits4References3
Positive Technologies
Positive Technologies
added 2025/07/01 12:0 a.m.3 views

PT-2025-27570 · Unknown · Trust Wallet

Name of the Vulnerable Software and Affected Versions: Trust Wallet version 8.45 Description: The issue is related to insufficient validation of the screen lock mechanism, allowing physically proximate attackers to bypass the lock screen and view the wallet balance. Recommendations: For Trust...

5.7CVSS6.7AI score0.00187EPSS
Exploits0References4
Fedora
Fedora
added 2025/06/25 1:43 a.m.9 views

[SECURITY] Fedora 41 Update: keylime-agent-rust-0.2.7-5.fc41

Rust agent for Keylime...

8.8CVSS7.4AI score0.00465EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/06/19 12:0 a.m.7 views

Fedora 42 : kea (2025-dc6ec0a8e2)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-dc6ec0a8e2 advisory. - New version 2.6.3 rhbz2368989 - Fix for: CVE-2025-32801, CVE-2025-32802, CVE-2025-32803 - kea.conf: Remove /tmp/ from socket-name for existing...

7.8CVSS5.6AI score0.00235EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 8:6 a.m.8 views

CVE-2024-45313

Overleaf is a web-based collaborative LaTeX editor. When installing Server Pro using the Overleaf Toolkit from before 2024-07-17 or legacy docker-compose.yml from before 2024-08-28, the configuration for LaTeX compiles was insecure by default, requiring the administrator to enable the security...

5.4CVSS5.5AI score0.00341EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 7:3 a.m.13 views

CVE-2024-20821

A vulnerability possible to reconfigure OTP allows local attackers to transit RMAReturn Merchandise Authorization mode, which disables security features. This attack needs additional privilege to control TEE...

4.4CVSS6.8AI score0.00164EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:15 a.m.9 views

CVE-2019-15685

Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component allowed an attacker remotely disable such product's security features as private browsing and...

4.3CVSS6.9AI score0.00844EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:39 a.m.6 views

CVE-2019-10885

An issue was discovered in Ivanti Workspace Control before 10.3.90.0. Local authenticated users with low privileges in a Workspace Control managed session can bypass Workspace Control security features configured for this session by resetting the session context...

7.8CVSS6.9AI score0.01043EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:57 a.m.4 views

CVE-2017-8776

Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 have approximately 165 PE files in the default installation that do not use ASLR/DEP protection mechanisms that provide sufficient defense against directed attacks against the...

7.5CVSS7.5AI score0.00926EPSS
Exploits0References1
NVD
NVD
added 2025/05/07 6:15 p.m.17 views

CVE-2025-20191

A vulnerability in the Switch Integrated Security Features SISF of Cisco IOS Software, Cisco IOS XE Software, Cisco NX-OS Software, and Cisco Wireless LAN Controller WLC AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected...

7.4CVSS0.00199EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/07 5:18 p.m.15 views

CVE-2025-20191 Multiple Cisco Products Denial of Service Vulnerability

A vulnerability in the Switch Integrated Security Features SISF of Cisco IOS Software, Cisco IOS XE Software, Cisco NX-OS Software, and Cisco Wireless LAN Controller WLC AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected...

7.4CVSS7.3AI score0.00199EPSS
Exploits0References1
Rows per page
Query Builder