Lucene search
+L

770 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2021-29072

Malicious code in bioql PyPI...

8.8CVSS8.8AI score0.01078EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-31836

Malicious code in bioql PyPI...

9.1CVSS9AI score0.01046EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-31835

Malicious code in bioql PyPI...

4.3CVSS5AI score0.0067EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-34027

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00997EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-34026

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00945EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-33404

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00451EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-14716

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.00247EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2021-31687

Malicious code in bioql PyPI...

5.3CVSS5.6AI score0.00881EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.8 views

EUVD-2021-29075

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.01065EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 10:20 a.m.11 views

CVE-2024-33668

An issue was discovered in Zammad before 6.3.0. The Zammad Upload Cache uses insecure, partially guessable FormIDs to identify content. An attacker could try to brute force them to upload malicious content to article drafts they have no access to...

9.1CVSS6.9AI score0.00443EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 7:57 a.m.9 views

CVE-2024-33667

An issue was discovered in Zammad before 6.3.0. An authenticated agent could perform a remote Denial of Service attack by calling an endpoint that accepts a generic method name, which was not properly sanitized against an allowlist...

6.5CVSS6.8AI score0.0056EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 7:56 a.m.16 views

CVE-2024-33666

An issue was discovered in Zammad before 6.3.0. Users with customer access to a ticket could have accessed time accounting details of this ticket via the API. This data should be available only to agents...

8.6CVSS6.8AI score0.00511EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 6:50 a.m.5 views

CVE-2024-55578

Zammad before 6.4.1 places sensitive data such as authmicrosoftoffice365credentials and applicationsecret in log files...

4.3CVSS6.8AI score0.00288EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 4:29 a.m.9 views

CVE-2023-50456

An issue was discovered in Zammad before 6.2.0. An attacker can trigger phishing links in generated notification emails via a crafted first or last name...

5.3CVSS6.8AI score0.00441EPSS
Exploits0
redhatcve
redhatcve
added 2025/05/23 4:29 a.m.10 views

CVE-2023-50453

An issue was discovered in Zammad before 6.2.0. It uses the public endpoint /api/v1/signshow for its login screen. This endpoint returns internal configuration data of user object attributes, such as selectable values, which should not be visible to the public...

5.3CVSS6.8AI score0.00495EPSS
Exploits0
redhatcve
redhatcve
added 2025/05/23 4:29 a.m.10 views

CVE-2023-50457

An issue was discovered in Zammad before 6.2.0. When listing tickets linked to a knowledge base answer, or knowledge base answers of a ticket, a user could see entries for which they lack permissions...

4.3CVSS6.9AI score0.00415EPSS
Exploits0
redhatcve
redhatcve
added 2025/05/23 3:46 a.m.12 views

CVE-2023-31597

An issue in Zammad v5.4.0 allows attackers to bypass e-mail verification using an arbitrary address and manipulate the data of the generated user. Attackers are also able to gain unauthorized access to existing tickets...

6.5CVSS7.2AI score0.00425EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 3:41 a.m.15 views

CVE-2023-29867

Zammad 5.3.x Fixed 5.4.0 is vulnerable to Incorrect Access Control. An authenticated attacker could gain information about linked accounts of users involved in their tickets using the Zammad API...

6.5CVSS6.5AI score0.00451EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 3:41 a.m.8 views

CVE-2023-29868

Zammad 5.3.x Fixed in 5.4.0 is vulnerable to Incorrect Access Control. An authenticated attacker with agent and customer roles could perform unauthorized changes on articles where they only have customer permissions...

6.5CVSS6.7AI score0.01035EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 1:15 a.m.6 views

CVE-2022-29700

A lack of password length restriction in Zammad v5.1.0 allows for the creation of extremely long passwords which can cause a Denial of Service DoS during password verification...

7.5CVSS7AI score0.00945EPSS
Exploits0References1
Rows per page
Query Builder