Lucene search
K

162 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2005-0079

Malware in sbrugna...

4.6CVSS6.1AI score0.00379EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2021-29903

Malicious code in bioql PyPI...

3.7CVSS4.6AI score0.0067EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-37267

Malicious code in bioql PyPI...

4.3CVSS5AI score0.00359EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2021-30700

Malicious code in bioql PyPI...

8.2CVSS6.4AI score0.00646EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2023-28504

Malicious code in bioql PyPI...

5.5CVSS5.9AI score0.00185EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2021-2894

Malicious code in bioql PyPI...

9.3CVSS8.6AI score0.01171EPSS
Exploits0References1
OSV
OSV
added 2025/09/09 3:31 p.m.5 views

GHSA-WH92-6Q6G-PX7J Magento Community Edition Improper Input Validation vulnerability

Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A successful attacker can abuse this to achieve session takeover, increasing the...

9.1CVSS6.7AI score0.96742EPSS
Exploits9References6
VulnCheck KEV
VulnCheck KEV
added 2025/08/19 12:0 a.m.7 views

VulnCheck KEV: CVE-2023-26258

Arcserve UDP through 9.0.6034 allows authentication bypass. The method getVersionInfo at WebServiceImpl/services/FlashServiceImpl leaks the AuthUUID token. This token can be used at /WebServiceImpl/services/VirtualStandbyServiceImpl to obtain a valid session. This session can be used to execute a...

9.8CVSS5.9AI score0.37715EPSS
In wildExploits2References131
CNNVD
CNNVD
added 2025/08/13 12:0 a.m.1 views

Apache Tomcat 授权问题漏洞

Apache Tomcat is the United States Apache Apache Foundation of a lightweight Web application server for the implementation of Servlet and JavaServer Page JSP support. Apache Tomcat suffers from an authorization problem vulnerability that stems from a rewrite valve session fixation flaw. An attack...

6.5CVSS6.6AI score0.00775EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/08/09 2:2 a.m.5 views

CVE-2025-55009 AuthKit: Sensitive auth data rendered in HTML

The AuthKit library for Remix provides convenient helpers for authentication and session management using WorkOS & AuthKit with Remix. In versions 0.14.1 and below, @workos-inc/authkit-remix exposed sensitive authentication artifacts — specifically sealedSession and accessToken — by returning the...

7.1CVSS7.2AI score0.00342EPSS
Exploits0References3
OSV
OSV
added 2025/05/26 4:15 p.m.5 views

ALPINE-CVE-2025-46802

For a short time they PTY is set to mode 666, allowing any user on the system to connect to the screen session...

5.3CVSS6.9AI score0.0019EPSS
Exploits0References1
OSV
OSV
added 2025/05/26 4:15 p.m.2 views

DEBIAN-CVE-2025-46802

For a short time they PTY is set to mode 666, allowing any user on the system to connect to the screen session...

5.3CVSS7.4AI score0.0019EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/26 3:10 p.m.25 views

CVE-2025-46802 Temporary chown() of users' TTY to mode 0666 allows PTY hijacking in screen

For a short time they PTY is set to mode 666, allowing any user on the system to connect to the screen session...

6CVSS0.0019EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 12:47 a.m.8 views

CVE-2022-31257

A vulnerability has been identified in Mendix Applications using Mendix 7 All versions V7.23.31, Mendix Applications using Mendix 8 All versions V8.18.18, Mendix Applications using Mendix 9 All versions V9.14.0, Mendix Applications using Mendix 9 V9.12 All versions V9.12.2, Mendix Applications...

7.5CVSS6.8AI score0.00674EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:7 p.m.10 views

CVE-2022-3339

A reflected cross-site scripting XSS vulnerability in ePO prior to 5.10 Update 14 allows a remote unauthenticated attacker to potentially obtain access to an ePO administrator's session by convincing the authenticated ePO administrator to click on a carefully crafted link. This would lead to...

6.1CVSS5.5AI score0.00558EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:35 p.m.6 views

CVE-2021-29368

Session fixation vulnerability in CuppaCMS thru commit 4c9b742b23b924cf4c1f943f48b278e06a17e297 on November 12, 2019 allows attackers to gain access to arbitrary user sessions...

8.8CVSS7.2AI score0.00715EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 4:22 p.m.8 views

CVE-2020-15270

Parse Server npm package parse-server broadcasts events to all clients without checking if the session token is valid. This allows clients with expired sessions to still receive subscription objects. It is not possible to create subscription objects with invalid session tokens. The issue is not...

4.3CVSS6.7AI score0.01151EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:26 p.m.7 views

CVE-2020-24692

The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow an attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an attacker to gain access to a user session...

7.1CVSS7.7AI score0.00419EPSS
Exploits0
CNNVD
CNNVD
added 2025/05/05 12:0 a.m.3 views

BeyondTrust Privileged Remote Access 安全漏洞

BeyondTrust Privileged Remote Access BeyondTrust PRA is a privileged remote access software from BeyondTrust USA. A security vulnerability exists in BeyondTrust Privileged Remote Access versions prior to 25.1 that stems from a local authentication bypass that could lead to unauthorized session...

7.8CVSS6.5AI score0.00173EPSS
Exploits1References2
CVE
CVE
added 2025/04/24 9:25 a.m.50 views

CVE-2021-47663

CVE-2021-47663 describes an improper JSON Web Tokens implementation that allows an unauthenticated remote attacker to guess a valid session ID and impersonate a user to gain full access. Documented impact includes high confidentiality, integrity, and availability degradation (C/H/I/A). The provid...

8.1CVSS7.4AI score0.00374EPSS
Exploits0References1
Rows per page
Query Builder