Lucene search
K

211 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2016-7499

Malware in sbrugna...

8.8CVSS8.6AI score0.00874EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-11825

Malware in sbrugna...

8.8CVSS8.8AI score0.01417EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-29059

Malicious code in bioql PyPI...

8.2CVSS8.1AI score0.0141EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-31913

Malicious code in bioql PyPI...

8.3CVSS6.6AI score0.00436EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-35760

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00506EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-45609

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00519EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-39387

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00683EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-2767

Malicious code in bioql PyPI...

7.3CVSS6.6AI score0.00279EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/14 2:24 a.m.11 views

CVE-2025-42945

SAP NetWeaver Application Server ABAP has HTML injection vulnerability. Due to this, an attacker could craft a URL with malicious script as payload and trick a victim with active user session into executing it. Upon successful exploit, this vulnerability could lead to limited access to data or it...

6.1CVSS7.2AI score0.00189EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/12 2:5 a.m.4 views

CVE-2025-42945 HTML Injection vulnerability in SAP NetWeaver Application Server ABAP

SAP NetWeaver Application Server ABAP has HTML injection vulnerability. Due to this, an attacker could craft a URL with malicious script as payload and trick a victim with active user session into executing it. Upon successful exploit, this vulnerability could lead to limited access to data or it...

6.1CVSS7.2AI score0.00189EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/12 2:5 a.m.8 views

CVE-2025-42945 HTML Injection vulnerability in SAP NetWeaver Application Server ABAP

SAP NetWeaver Application Server ABAP has HTML injection vulnerability. Due to this, an attacker could craft a URL with malicious script as payload and trick a victim with active user session into executing it. Upon successful exploit, this vulnerability could lead to limited access to data or it...

6.1CVSS0.00189EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/12 12:0 a.m.7 views

PT-2025-32606 · Sap · Sap Netweaver Application Server Abap

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Application Server ABAP affected versions not specified Description: SAP NetWeaver Application Server ABAP is susceptible to an HTML injection issue. An attacker can construct a URL containing a malicious script as a payload,...

6.1CVSS6.9AI score0.00189EPSS
Exploits0References5
Exploit DB
Exploit DB
added 2025/08/11 12:0 a.m.333 views

VMware vSphere Client 8.0.3.0 - Reflected Cross-Site Scripting (XSS)

VMware vSphere Client 8.0.3.0 - Reflected Cross-Site Scripting XSS - Exploit Title: VMware vSphere Client 8.0.3.0 - Reflected Cross-Site Scripting XSS - Date: 2025-08-08 - Exploit Author: Imraan Khan Lich-Sec - Vendor Homepage: https://www.vmware.com - Version: vSphere Client 8.0.3.0 - Tested On:...

4.3CVSS7.4AI score0.00785EPSS
Exploits2
Vulnrichment
Vulnrichment
added 2025/06/09 5:27 p.m.12 views

CVE-2025-49653 Exposure of sensitive Information allows account takeover

Exposure of sensitive data in active sessions in Lablup's BackendAI allows attackers to retrieve credentials for users on the management platform...

8CVSS7AI score0.00304EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:51 a.m.10 views

CVE-2023-46238

ZITADEL is an identity infrastructure management system. ZITADEL users can upload their own avatar image using various image types including SVG. SVG can include scripts, such as javascript, which can be executed during rendering. Due to a missing security header, an attacker could inject code to...

8.7CVSS7.2AI score0.00437EPSS
Exploits0References1
Information Security Automation
Information Security Automation
added 2025/05/06 3:12 p.m.31 views

About Remote Code Execution & Arbitrary File Reading – Apache HTTP Server (CVE-2024-38475) vulnerability

About Remote Code Execution & Arbitrary File Reading - Apache HTTP Server CVE-2024-38475 vulnerability. Improper escaping of output in modrewrite module leads to remote code execution or arbitrary file reading. Successful exploitation does not require authentication. Apache HTTP Server 2.4.60,...

9.1CVSS8.7AI score0.99957EPSS
Exploits1
OSV
OSV
added 2025/02/24 9:35 a.m.3 views

GHSA-RHVR-6W8C-6V7W Mattermost fails to invalidate all active sessions when converting a user to a bot

Mattermost versions 9.11.x = 9.11.6, 10.4.x = 10.4.1 fail to invalidate all active sessions when converting a user to a bot, with allows the converted user to escalate their privileges depending on the permissions granted to the bot...

3.1CVSS7AI score0.00237EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/02/05 7:31 a.m.5 views

CVE-2024-23831

LedgerSMB is a free web-based double-entry accounting system. When a LedgerSMB database administrator has an active session in /setup.pl, an attacker can trick the admin into clicking on a link which automatically submits a request to setup.pl without the admin's consent. This request can be used...

7.5CVSS6.8AI score0.00274EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 2:33 a.m.13 views

CVE-2024-42001

An improper authentication vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior enables an unauthenticated remote attacker to bypass authentication via a specially crafted direct request when another user has an active...

9.8CVSS7.4AI score0.00683EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/01/14 8:0 p.m.10 views

CVE-2024-55893 TYPO3 Cross-Site Request Forgery in Log Module

TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery CSRF. Additionally, state-changing actions in downstrea...

4.3CVSS4.6AI score0.00235EPSS
Exploits0References5
Rows per page
Query Builder