Lucene search
+L

30 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-29048

Malicious code in bioql PyPI...

9.3CVSS6.3AI score0.74535EPSS
Exploits0References2
osv
osv
added 2025/09/15 8:0 p.m.7 views

GHSA-99PG-HQVX-R4GF Flowise has an Arbitrary File Read

Summary An arbitrary file read vulnerability in the chatId parameter supplied to both the /api/v1/get-upload-file and /api/v1/openai-assistants-file/download endpoints allows unauthenticated users to read unintended files on the local filesystem. In the default Flowise configuration this allows...

9.1CVSS6.9AI score0.00346EPSS
Exploits1References2
github
github
added 2025/09/15 8:0 p.m.13 views

Flowise has an Arbitrary File Read

Summary An arbitrary file read vulnerability in the chatId parameter supplied to both the /api/v1/get-upload-file and /api/v1/openai-assistants-file/download endpoints allows unauthenticated users to read unintended files on the local filesystem. In the default Flowise configuration this allows...

6.9AI score
Exploits0References2Affected Software1
nvd
nvd
added 2025/09/12 2:15 p.m.5 views

CVE-2025-10364

The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. This device exposes a web management interface on port 80. This web management interface can be used by administrators to control product features, setup network switching, and register license among...

9.3CVSS0.74535EPSS
Exploits0References1
nessus
nessus
added 2025/08/27 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2018-18249

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Icinga Web 2 before 2.6.2 allows injection of PHP ini-file directives via vectors involving environment variables as the channel to send information to the...

9.8CVSS7.2AI score0.01489EPSS
Exploits1References2
osv
osv
added 2025/03/14 6:15 p.m.7 views

CVE-2024-54449

The API used to interact with documents in the application contains two endpoints with a flaw that allows an authenticated attacker to write a file with controlled contents to an arbitrary location on the underlying file system. This can be used to facilitate RCE. An account with ‘read’ and ‘writ...

8.8CVSS5.9AI score0.00552EPSS
Exploits0References1
cnnvd
cnnvd
added 2023/04/26 12:0 a.m.4 views

Vinga WR-AC1200 安全漏洞

The Vinga WR-AC1200 is a wireless router from Vinga. A security vulnerability exists in the Vinga WR-AC1200 version 81.102.1.4370 and prior versions. A remote attacker can exploit this vulnerability to execute arbitrary code via the password parameter of the /goform/sysTools and /adm/systools.asp...

9.8CVSS9AI score0.01586EPSS
Exploits0References2
susecve
susecve
added 2023/02/15 6:13 a.m.4 views

SUSE CVE-2006-6899

hidd in BlueZ bluez-utils before 2.25 allows remote attackers to obtain control of the 1 Mouse and 2 Keyboard Human Interface Device HID via a certain configuration of two HID PSM endpoints, operating as a server, aka HidAttack...

5.4CVSS6.9AI score0.03221EPSS
Exploits1References3
osv
osv
added 2023/02/01 2:15 p.m.7 views

CVE-2023-23128

Connectwise Control 22.8.10013.8329 is vulnerable to Cross Origin Resource Sharing CORS. The vendor's position is that two endpoints have Access-Control-Allow-Origin wildcarding to support product functionality, and that there is no risk from this behavior. The vulnerability report is thus not...

6.1CVSS6.4AI score0.00374EPSS
Exploits0References1
osv
osv
added 2018/11/16 6:29 p.m.5 views

CVE-2018-18801

The BSEN Ordering software 1.0 has SQL Injection via student/index.php?view=view&id=SQL or index.php?q=single-item&id=SQL...

9.8CVSS5.8AI score0.03213EPSS
Exploits5References2
Rows per page
Query Builder