Lucene search
K

131 matches found

Cvelist
Cvelist
added 2025/10/03 6:16 p.m.12 views

CVE-2025-52658 HCL MyXalytics is affected by the use of vulnerable/outdated versions

HCL MyXalytics is affected by the use of vulnerable/outdated versions which can expose the application to known security risks that could be exploited...

3.5CVSS0.00182EPSS
Exploits0References1
CVE
CVE
added 2025/09/10 12:28 p.m.21 views

CVE-2025-10220

CVE-2025-10220 affects AxxonSoft Axxon One VMS 2.0.0–2.0.4 on Windows due to use of unmaintained third‑party NuGet components (e.g., Google.Protobuf, DynamicData, System.Runtime.CompilerServices.Unsafe). The underlying issue is reliance on unmaintained third‑party packages, enabling remote code e...

9.8CVSS7.4AI score0.00686EPSS
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/25 1:30 p.m.16 views

Security Bulletin: IBM QRadar SIEM includes components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-49058 DESCRIPTION: In the Linux kernel, the following vulnerability has...

7.8CVSS9.1AI score0.00312EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/15 2:37 p.m.13 views

Security Bulletin: IBM QRadar Log Source Management app for IBM QRadar SIEM includes components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM QRadar Log Source Management app for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-7339 DESCRIPTION: on-headers is ...

9.1CVSS5.9AI score0.00478EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/15 2:35 p.m.14 views

Security Bulletin: IBM QRadar Data Synchronization app for IBM QRadar SIEM includes components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM QRadar Data Synchronization app for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-7783 DESCRIPTION: Use of...

9.4CVSS6.8AI score0.01735EPSS
Exploits1Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 7:2 a.m.6 views

CVE-2024-32212

SQL Injection vulnerability in LOGINT LoMag Inventory Management v1.0.20.120 and before allows an attacker to execute arbitrary code via the ArticleGetGroups, DocAddDocument, ClassClickShop and frmSettings components...

8.1CVSS8.8AI score0.00666EPSS
Exploits4References1
OSV
OSV
added 2025/03/12 3:32 p.m.1 views

GHSA-96V5-C2H5-56HM Apache Camel Message Header Injection through request parameters

Bypass/Injection vulnerability in Apache Camel. This issue affects Apache Camel: from 4.9.0 before 4.10.2, from 4.0.0 before 4.8.5, from 3.10.0 before 3.22.4. Users are recommended to upgrade to version 4.10.2 for 4.10.x LTS, 4.8.5 for 4.8.x LTS and 3.22.4 for 3.x releases. This vulnerability is...

4.2CVSS5.9AI score0.79817EPSS
Exploits4References8
NVD
NVD
added 2025/03/12 3:15 p.m.18 views

CVE-2025-29891

Bypass/Injection vulnerability in Apache Camel. This issue affects Apache Camel: from 4.10.0 before 4.10.2, from 4.8.0 before 4.8.5, from 3.10.0 before 3.22.4. Users are recommended to upgrade to version 4.10.2 for 4.10.x LTS, 4.8.5 for 4.8.x LTS and 3.22.4 for 3.x releases. This vulnerability is...

4.8CVSS0.71999EPSS
Exploits2References3
RedhatCVE
RedhatCVE
added 2025/02/05 9:0 p.m.19 views

CVE-2022-46836

PHP code injection in watolib auth.php and hosttags.php in Tribe29's Checkmk = 2.1.0p10, Checkmk = 2.0.0p27, and Checkmk = 1.6.0p29 allows an attacker to inject and execute PHP code which will be executed upon request of the vulnerable component...

9.1CVSS7.3AI score0.01126EPSS
Exploits2References1
Github Security Blog
Github Security Blog
added 2024/12/13 8:35 p.m.22 views

Laravel Pulse Allows Remote Code Execution via Unprotected Query Method

A vulnerability has been discovered in Laravel Pulse that could allow remote code execution through the public remember method in the Laravel\Pulse\Livewire\Concerns\RemembersQueries trait. This method is accessible via Livewire components and can be exploited to call arbitrary callables within t...

8.8CVSS8.9AI score0.28571EPSS
Exploits3References4Affected Software1
Positive Technologies
Positive Technologies
added 2024/12/13 12:0 a.m.5 views

PT-2024-12456 · Cleantalk · Cleantalk-Spam-Protect

Name of the Vulnerable Software and Affected Versions: CleanTalk Spam Protection versions 6.10 and below Description: The issue is related to a Missing Authorization vulnerability, which allows for broken access control. This can compromise the security of the site. The estimated number of...

8.8CVSS9.5AI score0.00685EPSS
Exploits0References24
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/20 3:25 p.m.28 views

Security Bulletin: QRadar Pulse application add on to IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM has released a new version which addresses the vulnerabilities. Vulnerability Details CVEID:CVE-2024-45296 DESCRIPTION: pillarjs Path-to-RegExp is vulnerable...

7.5CVSS5.8AI score0.00932EPSS
Exploits1Affected Software1
SUSE CVE
SUSE CVE
added 2024/10/12 2:48 a.m.3 views

SUSE CVE-2024-47868

Gradio is an open-source Python package designed for quick prototyping. This is a data validation vulnerability affecting several Gradio components, which allows arbitrary file leaks through the post-processing step. Attackers can exploit these components by crafting requests that bypass expected...

7.5CVSS6.6AI score0.00804EPSS
Exploits1References3
PyPA
PyPA
added 2024/10/10 11:15 p.m.6 views

PYSEC-2024-217

Gradio is an open-source Python package designed for quick prototyping. This is a data validation vulnerability affecting several Gradio components, which allows arbitrary file leaks through the post-processing step. Attackers can exploit these components by crafting requests that bypass expected...

7.5CVSS6.8AI score0.00804EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2024/10/10 11:15 p.m.13 views

PYSEC-2024-217

Gradio is an open-source Python package designed for quick prototyping. This is a data validation vulnerability affecting several Gradio components, which allows arbitrary file leaks through the post-processing step. Attackers can exploit these components by crafting requests that bypass expected...

7.5CVSS7.5AI score0.00804EPSS
Exploits1References1
Snyk
Snyk
added 2024/10/10 10:3 p.m.1 views

Directory Traversal

Overview gradio is a Python library for easily interacting with trained machine learning models Affected versions of this package are vulnerable to Directory Traversal through the post-processing step. An attacker can expose sensitive files by crafting requests that bypass expected input...

7.5CVSS7.5AI score0.00804EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/17 5:39 p.m.24 views

Security Bulletin: IBM Security QRadar Analyst Workflow for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. The update addresses these issues. Vulnerability Details CVEID:CVE-2023-45857 DESCRIPTION: Axios is vulnerable to cross-site request forgery, caused by improper...

8.1CVSS8.6AI score0.08279EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/05 4:42 p.m.25 views

Security Bulletin: IBM QRadar Assistant App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities (CVE-2024-39338, CVE-2024-4068, CVE-2021-23727)

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. The update addresses these issues. Vulnerability Details CVEID:CVE-2024-39338 DESCRIPTION: Axios is vulnerable to server-side request forgery, caused by a flaw...

7.5CVSS8.1AI score0.03877EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/22 2:38 p.m.23 views

Security Bulletin: IBM QRadar DNS Analyzer app is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. The update addresses these issues. Vulnerability Details CVEID:CVE-2022-40897 DESCRIPTION: Pypa Setuptools is vulnerable to a denial of service, caused by improp...

7.5CVSS6.8AI score0.02617EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/24 5:15 p.m.42 views

Security Bulletin: IBM QRadar Data Synchronization App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. IBM QRadar Data Synchronization App for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-37601 DESCRIPTION: webpack...

9.8CVSS9AI score0.0434EPSS
Exploits9Affected Software1
Rows per page
Query Builder