Lucene search
K

260 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-16710

Malware in sbrugna...

5.4CVSS5.5AI score0.00787EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-4080

Malware in sbrugna...

5.4CVSS5.5AI score0.01256EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-1905

Malware in sbrugna...

6.5CVSS6.6AI score0.00438EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-6021

Malware in sbrugna...

10CVSS6.4AI score0.01541EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-53000

Malicious code in bioql PyPI...

4.9CVSS6.4AI score0.00343EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-4180

Malicious code in bioql PyPI...

8.1CVSS6.6AI score0.00487EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-4179

Malicious code in bioql PyPI...

4.3CVSS6.6AI score0.00275EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-4181

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.0053EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-11143

Malicious code in bioql PyPI...

6.9CVSS6.5AI score0.00264EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/09/14 11:22 a.m.15 views

CVE-2025-27238

Due to a bug in Zabbix API, the hostprototype.get method lists all host prototypes to users that do not have any user groups assigned to them...

2.1CVSS6.7AI score0.00169EPSS
Exploits0References1
OSV
OSV
added 2025/09/12 11:46 a.m.5 views

BIT-NIFI-2022-33140 Improper Neutralization of Command Elements in Shell User Group Provider

The optional ShellUserGroupProvider in Apache NiFi 1.10.0 to 1.16.2 and Apache NiFi Registry 0.6.0 to 1.16.2 does not neutralize arguments for group resolution commands, allowing injection of operating system commands on Linux and macOS platforms. The ShellUserGroupProvider is not included in the...

8.8CVSS7.6AI score0.03674EPSS
Exploits0References3
OSV
OSV
added 2025/09/12 11:15 a.m.3 views

CVE-2025-27238

Due to a bug in Zabbix API, the hostprototype.get method lists all host prototypes to users that do not have any user groups assigned to them...

3.5CVSS6.9AI score
Exploits0References1
AlpineLinux
AlpineLinux
added 2025/09/12 11:15 a.m.7 views

CVE-2025-27238

Due to a bug in Zabbix API, the hostprototype.get method lists all host prototypes to users that do not have any user groups assigned to them...

3.5CVSS6.9AI score0.00169EPSS
Exploits0References1
OSV
OSV
added 2025/09/12 11:15 a.m.3 views

DEBIAN-CVE-2025-27238

Due to a bug in Zabbix API, the hostprototype.get method lists all host prototypes to users that do not have any user groups assigned to them...

3.5CVSS5.3AI score0.00169EPSS
Exploits0References1
NVD
NVD
added 2025/09/12 11:15 a.m.17 views

CVE-2025-27238

Due to a bug in Zabbix API, the hostprototype.get method lists all host prototypes to users that do not have any user groups assigned to them...

3.5CVSS0.00169EPSS
Exploits0References1
OSV
OSV
added 2025/09/12 11:15 a.m.6 views

UBUNTU-CVE-2025-27238

Due to a bug in Zabbix API, the hostprototype.get method lists all host prototypes to users that do not have any user groups assigned to them...

3.5CVSS5.8AI score0.00169EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/09/12 10:33 a.m.4 views

CVE-2025-27238 API hostprototype.get lists data to users with insufficient authorization.

Due to a bug in Zabbix API, the hostprototype.get method lists all host prototypes to users that do not have any user groups assigned to them...

2.1CVSS6.4AI score0.00169EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/24 12:23 a.m.12 views

CVE-2025-51479

Authorization bypass in updateusergroup in onyx-dot-app Onyx Enterprise Edition 0.27.0 allows remote authenticated attackers to modify arbitrary user groups via crafted PATCH requests to the /api/manage/admin/user-group/id endpoint, bypassing intended curator-group assignment checks...

5.4CVSS6.4AI score0.0028EPSS
Exploits1References1
NVD
NVD
added 2025/07/22 7:15 p.m.23 views

CVE-2025-51479

Authorization bypass in updateusergroup in onyx-dot-app Onyx Enterprise Edition 0.27.0 allows remote authenticated attackers to modify arbitrary user groups via crafted PATCH requests to the /api/manage/admin/user-group/id endpoint, bypassing intended curator-group assignment checks...

5.4CVSS0.0028EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/07/22 12:0 a.m.4 views

Onyx 安全漏洞

Onyx is an AI big modeling platform open-sourced by Onyx. A security vulnerability exists in Onyx version 0.27.0, which stems from an authorization bypass vulnerability in updateusergroup that could lead to modifying arbitrary user groups...

5.4CVSS6.6AI score0.0028EPSS
Exploits1References5
Rows per page
Query Builder