2260 matches found

Vulnrichment
added 2025/03/04 4:58 p.m. · 9 views

CVE-2025-27401 In Tuleap, deleting a report can delete criteria filters in other reports

Tuleap is an Open Source Suite to improve management of software developments and collaboration. In standard usage of Tuleap, the issue has a limited impact; it will mostly leave dangling data. However, a malicious user could create and delete reports multiple times to cycle through all the...

CVSS 4.6 · AI score 4.6 · EPSS 0.00295
Exploits 1 · References 3

Vulnrichment
added 2025/03/04 4:53 p.m. · 12 views

CVE-2025-27156 Tuleap allows content injection via emails sent by the mass emailing features

Tuleap is an Open Source Suite to improve management of software developments and collaboration. The mass emailing features do not sanitize the content of the HTML emails. A malicious user could use this issue to facilitate a phishing attempt or to indirectly exploit issues in the recipients mail...

CVSS 4.1 · AI score 4.4 · EPSS 0.00242
Exploits 0 · References 3

Vulnrichment
added 2025/03/03 3:51 p.m. · 9 views

CVE-2025-27094 Tuleap allows default values to be cleared from field configuration

Tuleap is an open-source suite designed to improve software development management and collaboration. A malicious user with access to a tracker could force-reset certain field configurations, leading to potential information loss. The display time attribute for the date field, the size attribute...

CVSS 5.4 · AI score 5.6 · EPSS 0.00329
Exploits 0 · References 3

RedhatCVE
added 2025/03/02 5:19 p.m. · 4 views

CVE-2025-24316

The Dario Health Internet-based server infrastructure is vulnerable due to exposure of development environment details, which could lead to unsafe functionality...

CVSS 6.9 · AI score 6.8 · EPSS 0.00286
Exploits 0 · References 1

OSV
added 2025/02/25 9:15 p.m. · 5 views

CVE-2024-27246

Use after free in some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct a denial of service via network access...

CVSS 6.5 · AI score 5.8 · EPSS 0.0058
Exploits 0 · References 1

OSV
added 2025/02/25 9:15 p.m. · 4 views

CVE-2024-27245

Buffer overflow in some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct a denial of service via network access...

CVSS 6.5 · AI score 5.8
Exploits 0 · References 1

Positive Technologies
added 2025/02/25 12:0 a.m. · 8 views

PT-2025-7919 · Zoom · Zoom Workplace Sdks +1

Name of the Vulnerable Software and Affected Versions: Zoom Workplace Apps and SDKs (affected versions not specified). Description: The issue is related to a use after free condition in some Zoom Workplace Apps and SDKs, which may allow an authenticated user to conduct a denial of service via networ...

CVSS 4.3 · AI score 7 · EPSS 0.0058
Exploits 0 · References 4

Metasploit
added 2025/02/20 6:55 p.m. · 521 views

TFTP Fetch, Linux Command Shell, Find Port Inline

Fetch and execute a PPC64 payload from a TFTP server. Spawn a shell on an established connection. Module Options: msf use payload/cmd/linux/tftp/ppc64/shellfindport msf payloadshellfindport show actions ...actions... msf payloadshellfindport set ACTION msf payloadshellfindport show options ...show...

AI score 5.8
Exploits 0

AlmaLinux
added 2025/02/17 12:0 a.m. · 11 views

Moderate: nodejs:18 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: undici: Undici Uses Insufficiently Random Values (CVE-2025-22150); nodejs: GOAWAY HTTP/2 frames cause memory leak outside heap (CVE-2025-23085). For mor...

CVSS 6.8 · AI score 6.7 · EPSS 0.01282
Exploits 0 · References 6

OSV
added 2025/02/17 12:0 a.m. · 16 views

ALSA-2025:1582 Moderate: nodejs:18 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: undici: Undici Uses Insufficiently Random Values (CVE-2025-22150); nodejs: GOAWAY HTTP/2 frames cause memory leak outside heap (CVE-2025-23085). For mor...

CVSS 6.8 · AI score 5.9 · EPSS 0.01282
Exploits 0 · References 6

OSV
added 2025/02/13 8:34 p.m. · 11 views

RLSA-2025:0426 Moderate: java-21-openjdk security update for Rocky Linux 8.10, 9.4 and 9.5

The OpenJDK 21 packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security Fixes: JDK: Enhance array handling (CVE-2025-21502). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

CVSS 4.8 · AI score 5.3 · EPSS 0.00971
Exploits 0 · References 1

OSV
added 2025/02/13 12:0 a.m. · 10 views

ALSA-2025:1443 Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: undici: Undici Uses Insufficiently Random Values (CVE-2025-22150); nodejs: Node.js Worker Thread Exposure via Diagnostics Channel (CVE-2025-23083)...

CVSS 7.7 · AI score 5.7 · EPSS 0.01282
Exploits 0 · References 8

RedhatCVE
added 2025/02/07 6:4 p.m. · 6 views

CVE-2025-22129

Tuleap is an Open Source Suite to improve management of software developments and collaboration. In affected versions an unauthorized user might get access to restricted information. This issue has been addressed in Tuleap Community Edition 16.3.99.1736242932, Tuleap Enterprise Edition 16.2-5, an...

CVSS 4.3 · AI score 6.8 · EPSS 0.00307
Exploits 1 · References 1

RedhatCVE
added 2025/02/06 3:22 a.m. · 14 views

CVE-2021-35572

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. The supported version that is affected is 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

CVSS 7.5 · AI score 6.6 · EPSS 0.01456
Exploits 0 · References 1

RedhatCVE
added 2025/02/06 3:17 a.m. · 10 views

CVE-2021-35659

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. The supported version that is affected is 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

CVSS 7.5 · AI score 6.6 · EPSS 0.01231
Exploits 0 · References 1

RedhatCVE
added 2025/02/06 3:13 a.m. · 11 views

CVE-2021-35658

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. The supported version that is affected is 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

CVSS 7.5 · AI score 6.6 · EPSS 0.01418
Exploits 0 · References 1

RedhatCVE
added 2025/02/05 2:19 p.m. · 7 views

CVE-2020-2787

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. The supported version that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

CVSS 7.5 · AI score 6.4 · EPSS 0.01014
Exploits 0

CVE
added 2025/02/03 9:28 p.m. · 60 views

CVE-2025-22129

CVE-2025-22129 affects Tuleap (community and enterprise editions) where an unauthorized user could access restricted information. The issue is addressed in Tuleap Community Edition 16.3.99.1736242932, Tuleap Enterprise Edition 16.2-5, and Tuleap Enterprise Edition 16.3-2; users should upgrade. Th...

CVSS 4.3 · AI score 4.7 · EPSS 0.00307
Exploits 1 · References 3 · Affected Software 1

CVE
added 2025/02/03 9:26 p.m. · 62 views

CVE-2025-24029

CVE-2025-24029 affects Tuleap’s Cross Tracker Search widget: artifact permissions are not verified, allowing access to restricted artifacts for users (including anonymous) when the widget is used in public project dashboards. Affected versions have been addressed by Tuleap: Community Edition 16.3...

CVSS 5.3 · AI score 6.9 · EPSS 0.00324
Exploits 0 · References 4 · Affected Software 1

Positive Technologies
added 2025/01/24 12:0 a.m. · 3 views

PT-2025-3723 · Unknown · Usbxpress Sdk

Name of the Vulnerable Software and Affected Versions: USBXpress SDK (affected versions not specified). Description: The issue is caused by an uncontrolled search path in the USBXpress SDK installer, leading to DLL hijacking vulnerabilities. This can result in privilege escalation and arbitrary code...

CVSS 8.6 · AI score 8 · EPSS 0.00227
Exploits 0 · References 6