Lucene search
K

152 matches found

Positive Technologies
Positive Technologies
added 2026/02/07 12:0 a.m.10 views

PT-2026-6882

Name of the Vulnerable Software and Affected Versions yeqifu warehouse versions prior to aaf29962ba407d22d991781de28796ee7b4670e4 Description A weakness exists due to improper authorization within the User Management Endpoint component. The issue is related to the addUser, updateUser, and...

6.5CVSS5.3AI score0.00262EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2026/01/24 12:0 a.m.2 views

SUSE SLES15: busybox / busybox-adduser / busybox-attr / busybox-bc / etc (SUSE-SU-2026:0236-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0236-1 advisory. This update for busybox fixes the following issues: Security issues: - CVE-2025-46394: Fixed tar hidden files via...

6.5CVSS7.2AI score0.00285EPSS
Exploits1References10
OSV
OSV
added 2026/01/22 12:25 p.m.4 views

SUSE-SU-2026:0236-1 Security update for busybox

This update for busybox fixes the following issues: This update for busybox fixes the following issues: Security issues: - CVE-2025-46394: Fixed tar hidden files via escape sequence CVE-2025-46394, bsc1241661 - CVE-2025-60876: Fixed HTTP request header injection in wget CVE-2025-60876, bsc1253245...

6.5CVSS7.1AI score0.00285EPSS
Exploits1References8
RedhatCVE
RedhatCVE
added 2025/11/26 12:42 a.m.7 views

CVE-2025-51744

An issue was discovered in jishenghua JSHERP 2.3.1. The /user/addUser endpoint is vulnerable to fastjson deserialization attacks...

9.8CVSS7.1AI score0.00407EPSS
Exploits0References1
NVD
NVD
added 2025/11/25 9:15 p.m.5 views

CVE-2025-51744

An issue was discovered in jishenghua JSHERP 2.3.1. The /user/addUser endpoint is vulnerable to fastjson deserialization attacks...

9.8CVSS0.00407EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/11/25 12:0 a.m.12 views

PT-2025-48083

An issue was discovered in jishenghua JSH ERP 2.3.1. The /user/addUser endpoint is vulnerable to fastjson deserialization attacks...

7.1AI score0.00407EPSS
Exploits0References5
OSV
OSV
added 2025/11/25 12:0 a.m.5 views

CVE-2025-51744

An issue was discovered in jishenghua JSHERP 2.3.1. The /user/addUser endpoint is vulnerable to fastjson deserialization attacks...

9.8CVSS7AI score0.00407EPSS
Exploits0References6
CVE
CVE
added 2025/11/25 12:0 a.m.17 views

CVE-2025-51744

CVE-2025-51744 affects jishenghua JSH_ERP 2.3.1. The /user/addUser endpoint is reported to be vulnerable to fastjson deserialization attacks. The CVSS 3.1 base score is 9.8 (CRITICAL) with network attack vector, no privileges required, no user interaction, and high impact on confidentiality, inte...

9.8CVSS6.7AI score0.00407EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-1036

Malware in sbrugna...

9.8CVSS6AI score0.00657EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2008-6548

Malware in sbrugna...

6.8CVSS6.4AI score0.0122EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-14138

Malware in sbrugna...

8CVSS7.8AI score0.00325EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-24135

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00302EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-31255

Malicious code in bioql PyPI...

8.6CVSS8.2AI score0.01207EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-1142

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00564EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/08/13 9:25 a.m.9 views

CVE-2025-8839

A vulnerability was found in jshERP up to 3.5. This issue affects some unknown processing of the file /jshERP-boot/user/addUser of the component Endpoint. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may b...

8.8CVSS7.2AI score0.00302EPSS
Exploits1References1
NVD
NVD
added 2025/08/11 9:15 a.m.4 views

CVE-2025-8839

A vulnerability was found in jshERP up to 3.5. This issue affects some unknown processing of the file /jshERP-boot/user/addUser of the component Endpoint. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may b...

8.8CVSS0.00302EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/08/11 9:2 a.m.10 views

CVE-2025-8839 jshERP Endpoint addUser improper authorization

A vulnerability was found in jshERP up to 3.5. This issue affects some unknown processing of the file /jshERP-boot/user/addUser of the component Endpoint. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may b...

6.5CVSS0.00302EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/08/11 9:2 a.m.2 views

CVE-2025-8839 jshERP Endpoint addUser improper authorization

A vulnerability was found in jshERP up to 3.5. This issue affects some unknown processing of the file /jshERP-boot/user/addUser of the component Endpoint. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may b...

6.5CVSS7.2AI score0.00302EPSS
Exploits1References4
OSV
OSV
added 2025/08/11 9:2 a.m.4 views

CVE-2025-8839 jshERP Endpoint addUser improper authorization

A vulnerability was found in jshERP up to 3.5. This issue affects some unknown processing of the file /jshERP-boot/user/addUser of the component Endpoint. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may b...

5.3CVSS6AI score0.00302EPSS
Exploits1References6
CVE
CVE
added 2025/08/11 9:2 a.m.23 views

CVE-2025-8839

The CVE-2025-8839 issue affects jshERP up to v3.5, specifically the Endpoint component processing the file /jshERP-boot/user/addUser, where improper authorization is the root cause. The vulnerability could be triggered remotely and, per multiple sources, the exploit has been publicly disclosed, i...

8.8CVSS7.2AI score0.00302EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder