EUVD-2022-48324

Malicious code in bioql PyPI...

EUVD-2021-9181

Malicious code in bioql PyPI...

EUVD-2022-38850

Malicious code in bioql PyPI...

EUVD-2025-8735

Malicious code in bioql PyPI...

EUVD-2023-54458

Malicious code in bioql PyPI...

EUVD-2025-23548

Malicious code in bioql PyPI...

CVE-2025-34216

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.1026 and Application prior to version 20.0.2702 VA deployments only expose a set of unauthenticated REST API endpoints that return configuration files and clear‑text passwords. The same endpoints also disclose the...

PT-2025-39883

Name of the Vulnerable Software and Affected Versions Vasion Print versions prior to 22.0.1026 Vasion Print Application versions prior to 20.0.2702 Description Vasion Print formerly PrinterLogic Virtual Appliance Host and Application deployments expose unauthenticated REST API endpoints. These...

CVE-2025-59358

The Chaos Controller Manager in Chaos Mesh exposes a GraphQL debugging server without authentication to the entire Kubernetes cluster, which provides an API to kill arbitrary processes in any Kubernetes pod, leading to cluster-wide denial of service...

CVE-2025-58366 Onyxia private helm repository credentials are leaked through unauthenticated API

Onyxia is a data science environment for kubernetes. In versions 4.6.0 through 4.8.0, Onyxia-API leaked the credentials of private helm repositories in the public unauthenticated /public/catalogs endpoint.vOnly instances using private helm repositories i.e setting username & password in the...

VulnCheck KEV: CVE-2025-57788

A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user credentials. RBAC helps limit the exposure but does not eliminate risk...

Commvault 11.32.x < 11.32.102 / 11.36.x < 11.36.60 Multiple Vulnerabilities (CV_2025_08_1-4)

The version of Commvault installed on the remote host is 11.32.x prior to 11.32.102 or 11.36.x prior to 11.36.60. It is, therefore, affected by multiple vulnerabilities as disclosed in Commvault advisories CV2025081, CV2025082, CV2025083 and CV2025084: - A security vulnerability has been identifi...

CVE-2025-57788

A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user credentials. RBAC helps limit the exposure but does not eliminate risk...

CVE-2025-57788 Unauthorized API Access Risk

A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user credentials. RBAC helps limit the exposure but does not eliminate risk...

CVE-2025-54554

tiaudit in Tera Insights tiCrypt before 2025-07-17 allows unauthenticated REST API requests that reveal sensitive information about the underlying SQL queries and database structure...

CVE-2025-54554

tiaudit in Tera Insights tiCrypt before 2025-07-17 allows unauthenticated REST API requests that reveal sensitive information about the underlying SQL queries and database structure...

CVE-2025-54554

CVE-2025-54554 affects Tera Insights tiCrypt (tiaudit component) prior to 2025-07-17. The vulnerability allows unauthenticated REST API requests that disclose sensitive information about underlying SQL queries and database structure. Reported across multiple feeds (Red Hat, PT Security, CVE lists...

Radiflow iSAP Smart Collector 安全漏洞

Radiflow iSAP Smart Collector is a remote traffic collection and forwarding appliance designed for industrial networks from Radiflow USA. A security vulnerability exists in the Radiflow iSAP Smart Collector that originates from an unauthenticated REST API on the management network and could lead ...

CVE-2023-30131

An issue discovered in IXP EasyInstall 6.6.14884.0 allows attackers to run arbitrary commands, gain escalated privilege, and cause other unspecified impacts via unauthenticated API calls...

CVE-2023-3709

The Royal Elementor Addons plugin for WordPress is vulnerable to unauthenticated API key disclosure in versions up to, and including, 1.3.70 due to the plugin adding the API key to the source code of any page running the MailChimp block. This makes it possible for unauthenticated attackers to...