Lucene search
K

100 matches found

EUVD
EUVD
added 12 hours ago7 views

EUVD-2026-41530

A vulnerability exists in the Kong Konnect Model Context Protocol MCP server prior to version 1.0.0, which could allow a remote attacker to perform an indirect prompt injection attack and execute unintended API requests...

7.4CVSS6.1AI score
Exploits0References1
OSV
OSV
added 4 days ago5 views

PYSEC-2026-414 misp-modules website - Missing CSRF protection in the website home blueprint

A Cross-Site Request Forgery vulnerability in the MISP Modules website allowed an attacker to cause an authenticated user to submit unintended requests to the home endpoint. The vulnerability was due to the home blueprint being exempted from CSRF protection. This could allow modification of sessi...

9.3CVSS5.8AI score0.00185EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/05 7:25 p.m.8 views

CVE-2026-0502

Due to insufficient CSRF protection in SAP BusinessObjects Business Intelligence Platform ,an authenticated user could be tricked by an attacker to send unintended requests to the web server. This has low impact on integrity and availability of the application. There is no impact on confidentiali...

5.4CVSS5.4AI score0.00121EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/13 9:32 p.m.11 views

EUVD-2026-30105

A server-side request forgery SSRF vulnerability in the IKEv2 implementation of Palo Alto Networks PAN-OS® software allows an unauthenticated attacker to cause the firewall to send network requests to unintended destinations or cause a denial of service DoS condition. Panorama, Cloud NGFW and...

8.3CVSS5.8AI score0.00317EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 3:31 a.m.9 views

EUVD-2026-29369

Due to insufficient CSRF protection in SAP BusinessObjects Business Intelligence Platform ,an authenticated user could be tricked by an attacker to send unintended requests to the web server. This has low impact on integrity and availability of the application. There is no impact on confidentiali...

5.4CVSS5.8AI score0.00121EPSS
Exploits0References3
NVD
NVD
added 2026/05/12 3:16 a.m.32 views

CVE-2026-0502

Due to insufficient CSRF protection in SAP BusinessObjects Business Intelligence Platform ,an authenticated user could be tricked by an attacker to send unintended requests to the web server. This has low impact on integrity and availability of the application. There is no impact on confidentiali...

5.4CVSS0.00121EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/12 2:19 a.m.11 views

CVE-2026-0502 Cross Site Request Forgery (CSRF) in SAP BusinessObjects Business Intelligence Platform

Due to insufficient CSRF protection in SAP BusinessObjects Business Intelligence Platform ,an authenticated user could be tricked by an attacker to send unintended requests to the web server. This has low impact on integrity and availability of the application. There is no impact on confidentiali...

5.4CVSS5.8AI score0.00121EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/12 2:19 a.m.54 views

CVE-2026-0502 Cross Site Request Forgery (CSRF) in SAP BusinessObjects Business Intelligence Platform

Due to insufficient CSRF protection in SAP BusinessObjects Business Intelligence Platform ,an authenticated user could be tricked by an attacker to send unintended requests to the web server. This has low impact on integrity and availability of the application. There is no impact on confidentiali...

5.4CVSS0.00121EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/09 12:20 a.m.14 views

Signed to Unsigned Conversion Error

Overview Affected versions of this package are vulnerable to Signed to Unsigned Conversion Error via the parseuri process. An attacker can cause requests to be sent to unintended ports by exploiting port truncation through manipulation of the URI, potentially leading to unauthorized network acces...

6.9CVSS5.7AI score0.00346EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/26 3:13 p.m.4 views

CVE-2025-62320

HTML Injection can be carried out in Product when a web application does not properly check or clean user input before showing it on a webpage. Because of this, an attacker may insert unwanted HTML code into the page. When the browser loads the page, it may automatically interact with external...

4.7CVSS5.9AI score0.00158EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/08 5:11 p.m.3 views

CVE-2025-13683

Exposure of credentials in unintended requests in Devolutions Server, Remote Desktop Manager on Windows.This issue affects Devolutions Server: through 2025.3.8.0; Remote Desktop Manager: through 2025.3.23.0...

6.5CVSS7AI score0.00346EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/12/04 12:0 a.m.3 views

Devolutions Server < 2025.3.10.0 AI Integration API Key Exposure (DEVO-2025-0017)

The version of Devolutions Server installed on the remote host is prior to 2025.3.10.0, and is, therefore, affected by an AI integration API key exposure vulnerability: - Exposure of credentials in unintended requests in Devolutions Server, Remote Desktop Manager on Windows. This issue affects...

6.5CVSS5.8AI score0.00346EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/28 6:30 p.m.4 views

EUVD-2025-199879

Exposure of credentials in unintended requests in Devolutions Server, Remote Desktop Manager on Windows.This issue affects Devolutions Server: through 2025.3.8.0; Remote Desktop Manager: through 2025.3.23.0...

6.5CVSS6.5AI score0.00346EPSS
Exploits0References2
NVD
NVD
added 2025/11/28 5:16 p.m.3 views

CVE-2025-13683

Exposure of credentials in unintended requests in Devolutions Server, Remote Desktop Manager on Windows.This issue affects Devolutions Server: through 2025.3.8.0; Remote Desktop Manager: through 2025.3.23.0...

6.5CVSS0.00346EPSS
Exploits0References1
OSV
OSV
added 2025/11/28 5:16 p.m.4 views

CVE-2025-13683

Exposure of credentials in unintended requests in Devolutions Server, Remote Desktop Manager on Windows.This issue affects Devolutions Server: through 2025.3.8.0; Remote Desktop Manager: through 2025.3.23.0...

6.5CVSS5.8AI score0.00346EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/28 5:0 p.m.3 views

CVE-2025-13683

Exposure of credentials in unintended requests in Devolutions Server, Remote Desktop Manager on Windows.This issue affects Devolutions Server: through 2025.3.8.0; Remote Desktop Manager: through 2025.3.23.0...

6.7AI score0.00346EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/28 5:0 p.m.8 views

CVE-2025-13683

Exposure of credentials in unintended requests in Devolutions Server, Remote Desktop Manager on Windows.This issue affects Devolutions Server: through 2025.3.8.0; Remote Desktop Manager: through 2025.3.23.0...

0.00346EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/28 4:1 p.m.4 views

CVE-2025-13758

Exposure of credentials in unintended requests in Devolutions Server.This issue affects Server: through 2025.2.20, through 2025.3.8...

3.5CVSS7AI score0.00258EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/27 6:30 p.m.6 views

EUVD-2025-199828

Exposure of credentials in unintended requests in Devolutions Server.This issue affects Server: through 2025.2.20, through 2025.3.8...

6.5AI score0.00258EPSS
Exploits0References2
NVD
NVD
added 2025/11/27 4:15 p.m.2 views

CVE-2025-13758

Exposure of credentials in unintended requests in Devolutions Server.This issue affects Server: through 2025.2.20, through 2025.3.8...

3.5CVSS0.00258EPSS
Exploits0References1
Rows per page
Query Builder