Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-27849

Malicious code in bioql PyPI...

8.7CVSS6.6AI score0.00314EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/08/30 6:17 p.m.4 views

CVE-2025-35115

Agiloft Release 28 downloads critical system packages over an insecure HTTP connection. An attacker in a Man-In-the-Middle position could replace or modify the contents of the download URL. Users should upgrade to Agiloft Release 30...

9.2CVSS6.8AI score0.00219EPSS
Exploits0References1
OSV
OSV
added 2025/08/26 11:15 p.m.9 views

CVE-2025-35114

Agiloft Release 28 contains several accounts with default credentials that could allow local privilege escalation. The password hash is known for at least one of the accounts and the credentials could be cracked offline. Users should upgrade to Agiloft Release 30...

8.7CVSS5.8AI score0.00314EPSS
Exploits0References3
NVD
NVD
added 2025/08/26 11:15 p.m.6 views

CVE-2025-35114

Agiloft Release 28 contains several accounts with default credentials that could allow local privilege escalation. The password hash is known for at least one of the accounts and the credentials could be cracked offline. Users should upgrade to Agiloft Release 30...

8.7CVSS0.00314EPSS
Exploits0References3
NVD
NVD
added 2025/08/26 11:15 p.m.6 views

CVE-2025-35115

Agiloft Release 28 downloads critical system packages over an insecure HTTP connection. An attacker in a Man-In-the-Middle position could replace or modify the contents of the download URL. Users should upgrade to Agiloft Release 30...

9.2CVSS0.00219EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/08/26 10:18 p.m.3 views

CVE-2025-35115 Agiloft insecure download of system packages

Agiloft Release 28 downloads critical system packages over an insecure HTTP connection. An attacker in a Man-In-the-Middle position could replace or modify the contents of the download URL. Users should upgrade to Agiloft Release 30...

9.2CVSS6.3AI score0.00219EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/08/26 10:18 p.m.8 views

CVE-2025-35115 Agiloft insecure download of system packages

Agiloft Release 28 downloads critical system packages over an insecure HTTP connection. An attacker in a Man-In-the-Middle position could replace or modify the contents of the download URL. Users should upgrade to Agiloft Release 30...

9.2CVSS0.00219EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/08/26 10:18 p.m.7 views

CVE-2025-35114 Agiloft local privilege escalation via default credentials

Agiloft Release 28 contains several accounts with default credentials that could allow local privilege escalation. The password hash is known for at least one of the accounts and the credentials could be cracked offline. Users should upgrade to Agiloft Release 30...

8.7CVSS0.00314EPSS
Exploits0References3
Rows per page
Query Builder