Lucene search
K

280 matches found

OSV
OSV
added 2025/11/11 7:16 a.m.2 views

MAL-2025-103077 Malicious code in general_falcon_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0673a92202c743357da81c5187bc36d05a550edbe373f7094cfbffb274832a74 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/11 7:16 a.m.1 views

MAL-2025-109660 Malicious code in tiara-gandul78-ruro (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 567bd0ee1edf9f0e60efd1c576d67eeb07003a8de9b176a9436dd43c910cdedb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/11 5:50 a.m.3 views

Malicious code in maya-lengko48-pore (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d607950f73cce737872d8beaea003a169439c9a66b63d8c8cef7647555bf3e5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
AlpineLinux
AlpineLinux
added 2025/11/06 6:36 p.m.2 views

CVE-2024-25621

containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths /var/lib/containerd,...

7.8CVSS6.8AI score0.00159EPSS
Exploits1References3
OSV
OSV
added 2025/10/29 10:20 p.m.3 views

GHSA-MWMH-7PX9-4C23 ZITADEL Vulnerable to Account Takeover via Malicious Forwarded Header Injection

Impact A potential vulnerability exists in ZITADEL's password reset mechanism. ZITADEL utilizes the Forwarded or X-Forwarded-Host header from incoming requests to construct the URL for the password reset confirmation link. This link, containing a secret code, is then emailed to the user. If an...

8.1CVSS7.5AI score0.00345EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/10/29 12:0 a.m.4 views

PT-2025-44366

Name of the Vulnerable Software and Affected Versions Liferay Portal versions 7.4.0 through 7.4.3.119 Liferay DXP versions 2023.Q3.1 through 2023.Q4.10 and 2024.Q1.1 through 2024.Q1.5 Liferay Portal 7.4 GA through update 92 Older unsupported versions Description A flaw exists that allows remote...

6.9CVSS6.7AI score0.00384EPSS
Exploits0References20
Vulnrichment
Vulnrichment
added 2025/10/27 3:3 p.m.4 views

CVE-2025-12351 Inadequate access control measure allows unauthorized users to access restricted administrative functions

Honeywell S35 Series Cameras contains an authorization bypass Vulnerability through User controller key. An attacker could potentially exploit this vulnerability, leading to Privilege Escalation to admin privileged functionalities . Honeywell also recommends updating to the most recent version of...

6.8CVSS6.5AI score0.0021EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/23 12:0 a.m.4 views

PT-2025-43548

Name of the Vulnerable Software and Affected Versions Vault versions prior to 1.21.0 Vault Enterprise versions prior to 1.21.0, 1.20.5, 1.19.11, and 1.16.27 Description The AWS Auth method in Vault and Vault Enterprise may allow authentication bypass if the bound principal iam role is identical...

9.1CVSS9.3AI score0.00655EPSS
Exploits2References98
ICS
ICS
added 2025/10/14 12:0 a.m.9 views

Siemens Solid Edge

SUMMARY Solid Edge is affected by multiple file parsing vulnerabilities that could be triggered when the application reads specially crafted PRT files format. This could allow an attacker to crash the application or execute arbitrary code. Siemens has released new versions for the affected...

7.4AI score
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2017-2919

Malware in sbrugna...

6.1CVSS6.4AI score0.02733EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-27456

Malware in sbrugna...

4CVSS3.8AI score0.00596EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-0849

Malware in sbrugna...

5.4CVSS5.4AI score0.00941EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-2187

Malware in sbrugna...

7.8CVSS6.1AI score0.00482EPSS
Exploits0References23
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-28257

Malicious code in bioql PyPI...

10CVSS9.2AI score0.01064EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-8256

Malicious code in bioql PyPI...

8.7CVSS6.8AI score0.00471EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-34251

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00636EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-4085

Malicious code in bioql PyPI...

7.5CVSS6.3AI score0.0139EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/08/27 12:0 a.m.2 views

PT-2025-34932 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 8.15 through 18.1.4 GitLab CE/EE versions 18.2 through 18.2.4 GitLab CE/EE versions 18.3 through 18.3.0 Description: An authenticated user could cause a Denial of Service DoS condition by submitting URLs that generate...

6.5CVSS6.2AI score0.00296EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/08/21 12:0 a.m.9 views

PT-2025-34172 · Ubiquiti · Unifi Connect Display +2

Name of the Vulnerable Software and Affected Versions: UniFi Connect EV Station Pro versions 1.5.18 and earlier UniFi Connect Display versions 1.9.324 and earlier UniFi Connect Display Cast versions 1.9.301 and earlier UniFi Connect Display Cast Pro versions 1.0.78 and earlier UniFi Connect Displ...

4.9CVSS6.4AI score0.00229EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/08/19 12:0 a.m.6 views

PT-2025-33842 · Liferay · Liferay Dxp +1

Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.4.0 through 7.4.3.132 Liferay DXP versions 2025.Q2.0 through 2025.Q2.7 Liferay DXP versions 2025.Q1.0 through 2025.Q1.14 Liferay DXP versions 2024.Q4.0 through 2024.Q4.7 Liferay DXP versions 2024.Q3.1 through...

6.9CVSS6.5AI score0.00231EPSS
Exploits0References10
Rows per page
Query Builder