Lucene search
K

860 matches found

OSV
OSV
added 2025/03/20 10:9 a.m.5 views

CVE-2024-6483 Arbitrary File/Directory Deletion in aimhubio/aim

A vulnerability in the runs/delete-batch endpoint of aimhubio/aim version 3.19.3 allows for arbitrary file or directory deletion through path traversal. The endpoint does not mitigate path traversal when handling user-specified run-names, which are used to specify log/metadata files for deletion...

5.3CVSS6.2AI score0.00814EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/03/08 12:0 a.m.5 views

WordPress plugin Starter Templates by FancyWP 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...

9.1CVSS8.8AI score0.00397EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/03/07 12:0 a.m.4 views

WordPress plugin WPGet API 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...

5.5CVSS8.9AI score0.00305EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/03/07 12:0 a.m.4 views

WordPress plugin Platform.ly for WooCommerce 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists i...

9.1CVSS8.8AI score0.00387EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/03/04 12:0 a.m.5 views

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An improper access rights vulnerability exists in the Huawei HarmonyOS HDC module, which can be exploited by an attacker to compromise service confidentialit...

6.2CVSS6.7AI score0.001EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/02/18 12:0 a.m.6 views

The vulnerability of the kernel component of the Linux operating system allows a hacker to gain unauthorized access to protected information.

The vulnerability of the kernel component of the Linux operating system is related to insufficient protection of service data. Exploiting this vulnerability can allow unauthorized access to protected information...

5.5CVSS6.4AI score0.00234EPSS
Exploits0References15Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/02/18 12:0 a.m.10 views

The vulnerability of the Linux operating system’s Ethernet kernel component, which allows a hacker to gain unauthorized access to protected information

The vulnerability of the Linux operating system’s Ethernet kernel component is related to insufficient protection of service data in the grethinitrings function. Exploiting this vulnerability can allow unauthorized access to protected information...

5.5CVSS6.4AI score0.00234EPSS
Exploits0References23Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/02/13 12:0 a.m.6 views

The vulnerability of the Find My component in MacOS operating systems allows a perpetrator to disclose protected information.

The vulnerability of the Find My component in MacOS operating systems is related to insufficient protection of service data. Exploiting this vulnerability can allow attackers to disclose protected information...

5.5CVSS7.1AI score0.00197EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/12 12:0 a.m.6 views

The vulnerability of MacOS operating systems, related to the lack of protection for service data, allows attackers to gain unauthorized access to protected information.

The vulnerability of MacOS operating systems is related to the lack of protection for operational data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

3.3CVSS7.2AI score0.00191EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/12 12:0 a.m.7 views

The vulnerability of MacOS operating systems, related to the lack of protection for service data, allows attackers to gain unauthorized access to protected information.

The vulnerability of MacOS operating systems is related to the lack of protection for operational data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

3.3CVSS7.2AI score0.00209EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/12 12:0 a.m.13 views

The vulnerability of the Etcd configuration store, related to insufficient protection for service data, allows a perpetrator to gain unauthorized access to the protected information.

The vulnerability of the Etcd configuration store is related to insufficient protection for service data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

4.3CVSS6.5AI score0.00744EPSS
Exploits0References6Affected Software6
BDU FSTEC
BDU FSTEC
added 2025/02/11 12:0 a.m.9 views

The vulnerability of the monitoring tool for VMware Aria Operations, related to the lack of protection for service data, allows a perpetrator to disclose the protected information.

The vulnerability of the monitoring tool for VMware Aria Operations relates to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose the protected information...

7.7CVSS8.1AI score0.00539EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/01/27 12:0 a.m.6 views

PT-2025-3036 · Apple · Ios +2

Name of the Vulnerable Software and Affected Versions: watchOS versions prior to 11.2 iOS versions prior to 18.2 iPadOS versions prior to 18.2 Description: The issue is related to insufficient protection of service data in the Face Gallery component of watchOS, iOS, and iPadOS operating systems. ...

9.1CVSS6AI score0.00404EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2025/01/22 12:0 a.m.7 views

The vulnerability of the BitLocker component of the Windows operating system, which allows a hacker to disclose protected information

The vulnerability of the BitLocker component of the Windows operating system is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker to disclose the protected information...

4.2CVSS7.7AI score0.00699EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/01/20 12:0 a.m.6 views

The vulnerability of the Kerberos protocol for Windows operating systems allows attackers to disclose sensitive information that is protected by this mechanism.

The vulnerability of the Kerberos protocol for Windows operating systems is related to insufficient protection of service data. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

5.9CVSS7.7AI score0.01586EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/01/17 12:0 a.m.7 views

The vulnerability of Themes components in Windows operating systems, which allows attackers to perform spoofing attacks

The vulnerability of Themes component in Windows operating systems is related to insufficient protection of service data. Exploiting this vulnerability allows a remote attacker to perform spoofing attacks...

7.8CVSS8AI score0.02128EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/12/23 12:0 a.m.6 views

The vulnerability of the /usr/ucb/ps component of the Solaris operating system, which allows a hacker to access confidential information

The vulnerability of the /usr/ucb/ps component of the Solaris operating system is related to insufficient protection for service data. Exploiting this vulnerability can allow an attacker to access confidential information...

4CVSS5.4AI score0.00945EPSS
Exploits3References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/18 12:0 a.m.6 views

The vulnerability of the Ruijie Reyee OS, related to deficiencies in data storage, allows a perpetrator to match the device serial number with the user’s phone number and a portion of the email address.

The vulnerability of the Ruijie Reyee OS is related to deficiencies in the storage of service data. Exploiting this vulnerability allows a malicious actor to match the device serial number with the user’s phone number and part of the email address...

7.8CVSS5.5AI score0.00387EPSS
Exploits0References3Affected Software1
Redos
Redos
added 2024/12/16 12:0 a.m.10 views

ROS-20241216-09

Vulnerability in the Automatic ConfigProvider component of Apache Kafka Message Manager is related to insufficient protection of service data. inadequate protection of proprietary data. Exploitation of the vulnerability could allow an attacker acting remotely, disclose protected information...

6.5CVSS6.5AI score0.01129EPSS
Exploits0
NVD
NVD
added 2024/12/12 2:3 a.m.16 views

CVE-2024-47776

GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in gstwavparsecuechunk within gstwavparse.c. The vulnerability happens due to a discrepancy between the size of the data buffer and the size value provided to the function. This mismatch...

9.1CVSS0.01161EPSS
Exploits0References4
Rows per page
Query Builder