4563 matches found

RedhatCVE
added 2025/07/03 7:25 p.m. · 7 views

CVE-2025-27153

Escalade GLPI plugin is a ticket escalation process helper for GLPI. Prior to version 2.9.11, there is an improper access control vulnerability. This can lead to data exposure and workflow disruptions. This issue has been patched in version 2.9.11...

6.5 CVSS · 7.4 AI score · 0.00242 EPSS
Exploits 0 · References 1
NVD
added 2025/07/03 1:15 p.m. · 8 views

CVE-2025-49595

n8n is a workflow automation platform. Prior to version 1.99.0, there is a denial-of-service vulnerability in the /rest/binary-data endpoint when processing empty filesystem URIs (filesystem:// or filesystem-v2://). This allows authenticated attackers to cause service unavailability through malformed...

4.9 CVSS · 0.00379 EPSS
Exploits 0 · References 3
Positive Technologies
added 2025/07/03 12:0 a.m. · 7 views

PT-2025-27832 · N8N · N8N

Name of the Vulnerable Software and Affected Versions: n8n versions prior to 1.99.1.
Description: n8n is a workflow automation platform. An authorization issue was found in the "/rest/executions/:id/stop" endpoint, allowing an authenticated user to stop workflow executions they do not own or that...

4.9 CVSS · 6.1 AI score · 0.00268 EPSS
Exploits 0 · References 10
NVD
added 2025/07/01 7:15 p.m. · 7 views

CVE-2025-27153

Escalade GLPI plugin is a ticket escalation process helper for GLPI. Prior to version 2.9.11, there is an improper access control vulnerability. This can lead to data exposure and workflow disruptions. This issue has been patched in version 2.9.11...

6.5 CVSS · 0.00242 EPSS
Exploits 0 · References 2
Cvelist
added 2025/07/01 6:27 p.m. · 10 views

CVE-2025-27153 Escalade GLPI Plugin Vulnerable to Improper Access Control

Escalade GLPI plugin is a ticket escalation process helper for GLPI. Prior to version 2.9.11, there is an improper access control vulnerability. This can lead to data exposure and workflow disruptions. This issue has been patched in version 2.9.11...

6.5 CVSS · 0.00242 EPSS
Exploits 0 · References 2
Vulnrichment
added 2025/07/01 6:27 p.m. · 7 views

CVE-2025-27153 Escalade GLPI Plugin Vulnerable to Improper Access Control

Escalade GLPI plugin is a ticket escalation process helper for GLPI. Prior to version 2.9.11, there is an improper access control vulnerability. This can lead to data exposure and workflow disruptions. This issue has been patched in version 2.9.11...

6.5 CVSS · 7.3 AI score · 0.00242 EPSS
Exploits 0 · References 2
CVE
added 2025/07/01 6:27 p.m. · 25 views

CVE-2025-27153

CVE-2025-27153 concerns the Escalade GLPI plugin for GLPI. Prior to version 2.9.11, an improper access control vulnerability could allow exposure of data and disrupt workflows. The issue has been patched in version 2.9.11. The published metrics indicate a base CVSS v3.1 score of 6.5 (MEDIUM) with...

6.5 CVSS · 7.3 AI score · 0.00242 EPSS
Exploits 0 · References 2
OSV
added 2025/07/01 6:27 p.m. · 7 views

CVE-2025-27153 Escalade GLPI Plugin Vulnerable to Improper Access Control

Escalade GLPI plugin is a ticket escalation process helper for GLPI. Prior to version 2.9.11, there is an improper access control vulnerability. This can lead to data exposure and workflow disruptions. This issue has been patched in version 2.9.11...

6.5 CVSS · 6.9 AI score · 0.00242 EPSS
Exploits 0 · References 4
CVE
added 2025/07/01 6:17 p.m. · 20 views

CVE-2025-53104

CVE-2025-53104 concerns the gluestack-ui project, where a command injection flaw existed in the discussion-to-slack.yml GitHub Actions workflow. The root cause was untrusted Discussion fields (title/body, etc.) being interpolated directly into shell commands in a run: block, allowing an attacker ...

9.1 CVSS · 8.3 AI score · 0.01185 EPSS
Exploits 0 · References 2
OSV
added 2025/07/01 6:17 p.m. · 4 views

CVE-2025-53104 gluestack-ui Command Injection Vulnerability via discussion-to-slack GitHub Action Workflow

gluestack-ui is a library of copy-pasteable components & patterns crafted with Tailwind CSS (NativeWind). Prior to commit e6b4271, a command injection vulnerability was discovered in the discussion-to-slack.yml GitHub Actions workflow. Untrusted discussion fields (title, body, etc.) were directly...

9.1 CVSS · 8.3 AI score · 0.01185 EPSS
Exploits 0 · References 4
Positive Technologies
added 2025/07/01 12:0 a.m. · 3 views

PT-2025-27573 · Glpi +1 · Escalade Glpi Plugin +1

Name of the Vulnerable Software and Affected Versions: Escalade GLPI plugin versions prior to 2.9.11.
Description: The issue is related to improper access control, which can lead to data exposure and workflow disruptions.
Recommendations: For versions prior to 2.9.11, update to version 2.9.11 to...

6.5 CVSS · 6.3 AI score · 0.00242 EPSS
Exploits 0 · References 8
Metasploit
added 2025/06/29 6:53 p.m. · 494 views

Skyvern SSTI Remote Code Execution

This module exploits SSTI vulnerability in Skyvern use exploit/linux/http/skyvernssticve202549619 msf exploitskyvernssticve202549619 show targets ...targets... msf exploitskyvernssticve202549619 set TARGET msf exploitskyvernssticve202549619 show options ...show and set options... msf...

8.5 CVSS · 5.8 AI score · 0.13746 EPSS
Exploits 6
Cvelist
added 2025/06/26 7:45 p.m. · 9 views

CVE-2025-49592 n8n Login Flow has Open Redirect Vulnerability

n8n is a workflow automation platform. Versions prior to 1.98.0 have an Open Redirect vulnerability in the login flow. Authenticated users can be redirected to untrusted, attacker-controlled domains after logging in, by crafting malicious URLs with a misleading redirect query parameter. This may...

4.6 CVSS · 0.00193 EPSS
Exploits 0 · References 4
Vulnrichment
added 2025/06/26 7:45 p.m. · 2 views

CVE-2025-49592 n8n Login Flow has Open Redirect Vulnerability

n8n is a workflow automation platform. Versions prior to 1.98.0 have an Open Redirect vulnerability in the login flow. Authenticated users can be redirected to untrusted, attacker-controlled domains after logging in, by crafting malicious URLs with a misleading redirect query parameter. This may...

4.6 CVSS · 7 AI score · 0.00193 EPSS
Exploits 0 · References 4
Japan Vulnerability Notes
added 2025/06/26 9:15 a.m. · 5 views

Multiple vulnerabilities in multiple BROTHER products

Overview: Multiple BROTHER products provided by BROTHER INDUSTRIES, LTD. contain multiple vulnerabilities listed below: Exposure of sensitive system information to an unauthorized control sphere (CWE-497) - CVE-2024-51977; Use of weak credentials (CWE-1391) - CVE-2024-51978; Stack-based buffer overflow...

9.8 CVSS · 7.6 AI score · 0.7656 EPSS
Exploits 0 · References 25
The Hacker News
added 2025/06/23 11:25 a.m. · 4 views

How AI-Enabled Workflow Automation Can Help SOCs Reduce Burnout

It sure is a hard time to be a SOC analyst. Every day, they are expected to solve high-consequence problems with half the data and twice the pressure. Analysts are overwhelmed—not just by threats, but by the systems and processes in place that are meant to help them respond. Tooling is fragmented...

7.4 AI score
Exploits 0
Packet Storm News
added 2025/06/22 12:0 a.m. · 2 views

Secure API-Driven Research Automation to Accelerate Scientific Discovery

The Secure Scientific Service Mesh (S3M) provides API-driven infrastructure to accelerate scientific discovery through automated research workflows. By integrating near real-time streaming capabilities, intelligent workflow orchestration, and fine-grained authorization within a service mesh...

7 AI score
Exploits 0
Packet Storm News
added 2025/06/22 12:0 a.m. · 5 views

SoK: Automated Vulnerability Repair: Methods, Tools, and Assessments

The increasing complexity of software has led to the steady growth of vulnerabilities. Vulnerability repair investigates how to fix software vulnerabilities. Manual vulnerability repair is labor-intensive and time-consuming because it relies on human experts, highlighting the importance of...

7.1 AI score
Exploits 0
CNNVD
added 2025/06/18 12:0 a.m. · 2 views

pgai Information Disclosure Vulnerability

pgai is a set of tools open-sourced by timescale to make it easier to develop RAG, semantic search, and other AI applications using PostgreSQL. An information disclosure vulnerability exists in pgai, which stems from a vulnerability that allows an attacker to steal all secrets in a workflow...

9.1 CVSS · 6.1 AI score · 0.00339 EPSS
Exploits 0 · References 1
Snyk
added 2025/06/17 7:45 a.m. · 3 views

Directory Traversal

Overview: python-a2a is a comprehensive Python library for Google's Agent-to-Agent (A2A) protocol. Affected versions of this package are vulnerable to Directory Traversal via the createworkflow function in the api.py file. An attacker can access or modify files outside the intended directory by...

9.8 CVSS · 7.7 AI score · 0.0071 EPSS
Exploits 1 · References 2