133 matches found

EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2022-29760

Malicious code in bioql PyPI...

CVSS 6.1 · AI score 6.4 · EPSS 0.00705
Exploits: 1 · References: 1
EUVD
added 2025/10/03 8:7 p.m. · 14 views

EUVD-2022-28957

Malicious code in bioql PyPI...

CVSS 9.1 · AI score 9 · EPSS 0.00899
Exploits: 0 · References: 1
EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2024-48346

Malicious code in bioql PyPI...

CVSS 5.5 · AI score 6.6 · EPSS 0.00153
Exploits: 0 · References: 1
EUVD
added 2025/10/03 8:7 p.m. · 5 views

EUVD-2024-21323

Malicious code in bioql PyPI...

CVSS 8.2 · AI score 7 · EPSS 0.00398
Exploits: 0 · References: 1
EUVD
added 2025/10/03 8:7 p.m. · 5 views

EUVD-2023-44346

Malicious code in bioql PyPI...

CVSS 8.8 · AI score 8.6 · EPSS 0.00872
Exploits: 0 · References: 3
EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2023-24302

Malicious code in bioql PyPI...

CVSS 6.3 · AI score 5.1 · EPSS 0.00247
Exploits: 0 · References: 1
CNVD
added 2025/09/23 12:0 a.m. · 2 views

IBM Copy Services Manager Cross-Site Scripting Vulnerability

IBM Copy Services Manager is IBM's data replication management software for simplifying and automating data replication operations in enterprise storage environments. A cross-site scripting vulnerability exists in IBM Copy Services Manager 6.3.13, which stems from insufficient filtering and...

CVSS 6.1 · AI score 6.1 · EPSS 0.00197
Exploits: 0 · References: 1
RedhatCVE
added 2025/08/16 2:24 p.m. · 5 views

CVE-2025-7774

A security issue exists within the 5032 16pt Digital Configurable module’s web server. Intercepted session credentials can be used within a 3-minute timeout window, allowing unauthorized users to perform privileged actions...

CVSS 8.8 · AI score 7.1 · EPSS 0.00382
Exploits: 0 · References: 1
Cvelist
added 2025/08/14 1:39 p.m. · 9 views

CVE-2025-7774 Rockwell Automation ArmorBlock 5000 I/O – Web Server Vulnerabilities

A security issue exists within the 5032 16pt Digital Configurable module’s web server. Intercepted session credentials can be used within a 3-minute timeout window, allowing unauthorized users to perform privileged actions...

CVSS 8.8 · EPSS 0.00382
Exploits: 0 · References: 1
CNNVD
added 2025/08/14 12:0 a.m. · 3 views

Rockwell Automation 5032-CFGB16M12P5DR Security Vulnerability

The Rockwell Automation 5032-CFGB16M12P5DR is a security controller module from Rockwell Automation. A security vulnerability exists in the Rockwell Automation 5032-CFGB16M12P5DR that stems from intercepted session credentials that can be used to perform privileged operations within 3 minutes...

CVSS 8.8 · AI score 6.8 · EPSS 0.00382
Exploits: 0 · References: 2
The Hacker News
added 2025/07/30 9:21 a.m. · 3 views

Google Launches DBSC Open Beta in Chrome and Enhances Patch Transparency via Project Zero

Google has announced that it's making a security feature called Device Bound Session Credentials (DBSC) in open beta to ensure that users are safeguarded against session cookie theft attacks. DBSC, first introduced as a prototype in April 2024, is designed to bind authentication sessions to a devic...

AI score 6.6
Exploits: 0
OSV
added 2025/07/15 3:28 p.m. · 2 views

GHSA-F24X-RM6G-3W5V Directus tokens are not redacted in flow logs, exposing session credentials to all admin

Summary: When using Directus Flows with the WebHook trigger, all incoming request details are logged including security sensitive data like access and refresh tokens in cookies. Impact: Malicious admins with access to the logs can hijack the user sessions within the token expiration time of them...

CVSS 4.5 · AI score 6.2 · EPSS 0.00387
Exploits: 0 · References: 5
Vulnrichment
added 2025/06/09 5:27 p.m. · 11 views

CVE-2025-49653 Exposure of sensitive Information allows account takeover

Exposure of sensitive data in active sessions in Lablup's BackendAI allows attackers to retrieve credentials for users on the management platform...

CVSS 8 · AI score 7 · EPSS 0.00304
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/23 10:35 a.m. · 7 views

CVE-2024-7421

An information exposure in Devolutions Remote Desktop Manager 2024.2.20.0 and earlier on Windows allows local attackers with access to system logs to obtain session credentials via passwords included in command-line arguments when launching WinSCP sessions...

CVSS 5.5 · AI score 6.4 · EPSS 0.00153
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/22 10:29 p.m. · 6 views

CVE-2022-24042

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The web application returns an AuthToken that does not expire at the defined auto...

CVSS 9.1 · AI score 6.6 · EPSS 0.00899
Exploits: 0 · References: 1
Cvelist
added 2025/05/22 5:51 p.m. · 10 views

CVE-2024-13928 Authenticated SQL Injection

SQL injection vulnerabilities in ASPECT allow unintended access and manipulation of database repositories if session administrator credentials become compromised. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03...

CVSS 7.5 · EPSS 0.00317
Exploits: 0 · References: 1
Positive Technologies
added 2025/05/22 12:0 a.m. · 3 views

PT-2025-22519 · Unknown · Nexus Series +2

Name of the Vulnerable Software and Affected Versions: ASPECT-Enterprise versions through 3.08.03; NEXUS Series versions through 3.08.03; MATRIX Series versions through 3.08.03. Description: The issue allows attackers to control TCP/IP port access if session administrator credentials become...

CVSS 9.1 · AI score 6.4 · EPSS 0.00435
Exploits: 0 · References: 5
Positive Technologies
added 2025/05/22 12:0 a.m. · 3 views

PT-2025-22521 · Unknown · Nexus Series +2

Name of the Vulnerable Software and Affected Versions: ASPECT-Enterprise versions through 3.08.03; NEXUS Series versions through 3.08.03; MATRIX Series versions through 3.08.03. Description: Exposure of file path, file size, or file existence vulnerabilities in ASPECT provide attackers access to fil...

CVSS 5.9 · AI score 6.3 · EPSS 0.00254
Exploits: 0 · References: 3
OpenVAS
added 2025/03/10 12:0 a.m. · 7 views

Lexmark Printer XSS Vulnerability (CVE-2020-13481)

Multiple Lexmark printer devices are prone to a stored cross-site scripting (XSS) vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVSS 6.1 · AI score 6.1 · EPSS 0.00257
Exploits: 0 · References: 1
NVD
added 2025/02/19 7:15 p.m. · 4 views

CVE-2020-13481

Certain Lexmark products through 2020-05-25 allow XSS which allows an attacker to obtain session credentials and other sensitive information...

CVSS 6.1 · EPSS 0.00257
Exploits: 0 · References: 2