Lucene search
K

25 matches found

NVD
NVD
added 2026/04/21 9:16 p.m.5 views

CVE-2026-21999

Vulnerability in the XML Database component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise XML Database. Successful attacks require human interaction...

5.3CVSS0.00227EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:0 a.m.8 views

CVE-2023-29031

A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation...

7.1CVSS6AI score0.0049EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-11715

Malware in sbrugna...

5.3CVSS4.8AI score0.01417EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-7594

Malware in sbrugna...

9.3CVSS9.1AI score0.0672EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-8704

Malware in sbrugna...

5CVSS6.4AI score0.0148EPSS
Exploits3References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2005-0573

Malware in sbrugna...

5CVSS6.3AI score0.021EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-7597

Malware in sbrugna...

9.3CVSS9.1AI score0.0672EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2015-7371

Malware in sbrugna...

5.3CVSS5.6AI score0.01983EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-48344

Malicious code in bioql PyPI...

5.9CVSS6.9AI score0.00296EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/06/12 3:21 p.m.6 views

CVE-2024-38524

GeoServer is an open source server that allows users to share and edit geospatial data. org.geowebcache.GeoWebCacheDispatcher.handleFrontPageHttpServletRequest, HttpServletResponse has no check to hide potentially sensitive information from users except for a hidden system property to hide the...

7.5CVSS4.9AI score0.00372EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:19 a.m.13 views

CVE-2024-27090

Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. If an attacker can infer the slug or URL of an unpublished or private resource, and this resource can be embbeded such as a...

5.3CVSS6.7AI score0.00492EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:24 p.m.6 views

CVE-2021-29553

TensorFlow is an end-to-end open source platform for machine learning. An attacker can read data outside of bounds of heap allocated buffer in tf.rawops.QuantizeAndDequantizeV3. This is because the...

7.1CVSS6.8AI score0.00198EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:11 p.m.7 views

CVE-2020-12001

FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx CommDTM: Version 1 an...

9.8CVSS7.3AI score0.11503EPSS
Exploits0References1
CVE
CVE
added 2025/05/20 1:47 p.m.37 views

CVE-2025-47937

CVE-2025-47937 affects TYPO3 (PHP-based CMS). The issue arises in TYPO3 versions 9.0.0 through just before the fixed ELTS releases, where a DBAL multi-table query applies FrontendGroupRestriction only to the first table. This can allow data from additional tables in the same query to be exposed t...

5.3CVSS6.9AI score0.00253EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2025/03/20 10:10 a.m.9 views

CVE-2024-6866

corydolphin/flask-cors version 4.01 contains a vulnerability where the request path matching is case-insensitive due to the use of the trymatch function, which is originally intended for matching hosts. This results in a mismatch because paths in URLs are case-sensitive, but the regex matching...

7.5CVSS5.9AI score0.00642EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2025/03/12 12:0 a.m.7 views

CVE-2025-25975

An issue in parse-git-config v.3.0.0 allows an attacker to obtain sensitive information via the expandKeys function...

6AI score0.00437EPSS
Exploits1References1
CVE
CVE
added 2025/02/14 4:47 p.m.83 views

CVE-2025-25206

CVE-2025-25206 affects eLabFTW prior to version 5.1.15. The issue is caused by incorrect input validation that could allow an authenticated user to read sensitive information (e.g., login tokens or other data in the database). This could lead to privilege escalation if cookies are enabled (defaul...

8.8CVSS6.6AI score0.00448EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/13 5:53 a.m.3 views

CVE-2025-1060

CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists that could result in the exposure of data when network traffic is being sniffed by an attacker...

8.7CVSS6.9AI score0.00226EPSS
Exploits0References1
NVD
NVD
added 2025/01/13 6:15 a.m.38 views

CVE-2024-12274

The Appointment Booking Calendar Plugin and Scheduling Plugin WordPress plugin before 1.1.23 export settings functionality exports data to a public folder, with an easily guessable file name, allowing unauthenticated attackers to access the exported files if they exist...

7.5CVSS0.00616EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/08/25 12:0 a.m.5 views

GitLab 安全漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. A security vulnerability exists in GitLab EE that stems from incorrect...

6.5CVSS6.5AI score0.01006EPSS
Exploits0References3
Rows per page
Query Builder