
37 matches found

EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2022-49150

Malicious code in bioql PyPI...

CVSS 7.2, AI score 7.1, EPSS 0.01468
Exploits: 0, References: 1

EUVD
added 2025/10/03 8:7 p.m., 7 views

EUVD-2023-3108

Malicious code in bioql PyPI...

CVSS 7.7, AI score 7.5, EPSS 0.01239
Exploits: 1, References: 12

Vulnrichment
added 2025/09/08 9:11 p.m., 4 views

CVE-2025-57815 Fides Lacks Brute-Force Protections on Authentication Endpoints

Fides is an open-source privacy engineering platform. Prior to version 2.69.1, the Fides Admin UI login endpoint relies on a general IP-based rate limit for all API traffic and lacks specific anti-automation controls designed to protect against brute-force attacks. This could allow attackers to...

CVSS 6.3, AI score 6.6, EPSS 0.00277
Exploits: 0, References: 3

Positive Technologies
added 2025/08/19 12:0 a.m., 8 views

PT-2025-33823 · Hcl · Hcl Digital Experience

Name of the Vulnerable Software and Affected Versions: HCL Digital Experience, affected versions not specified
Description: HCL Digital Experience is susceptible to cross-site scripting (XSS) within an administrative user interface that has restricted access.
Recommendations: At the moment, there is...

CVSS 4.9, AI score 6, EPSS 0.00224
Exploits: 0, References: 5

RedhatCVE
added 2025/05/22 5:41 a.m., 3 views

CVE-2017-7591

OpenIDM through 4.0.0 and 4.5.0 is vulnerable to reflected cross-site scripting (XSS) attacks within the Admin UI, as demonstrated by the sortKeys parameter to the authzRoles script under managed/user/...

CVSS 6.1, AI score 6, EPSS 0.00681
Exploits: 0, References: 1

OSV
added 2024/06/13 3:15 p.m., 5 views

CVE-2024-28969

Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal update REST API if enabled by Admin user from UI. A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain APIs...

CVSS 4.3, AI score 5.9, EPSS 0.00424
Exploits: 0, References: 1

Positive Technologies
added 2024/05/15 12:0 a.m., 3 views

PT-2024-40496 · Ez Systems +1 · Ez Platform +4

Name of the Vulnerable Software and Affected Versions:
eZ Platform versions prior to 1.13.x with ezsystems/PlatformUIAssetsBundle version 4.2.3
eZ Platform version 2.5.13 with ezsystems/ezplatform-admin-ui-assets version 4.2.1
eZ Platform version 3.0. with ezsystems/ezplatform-admin-ui-assets...

AI score 6.3
Exploits: 0, References: 4

Positive Technologies
added 2024/02/13 12:0 a.m., 7 views

PT-2024-20763 · Unknown · Sidekiq-Unique-Jobs

Name of the Vulnerable Software and Affected Versions: sidekiq-unique-jobs versions prior to 7.1.33 and 8.0.7
Description: The issue is related to a Cross-Site Scripting (XSS) vulnerability in the sidekiq-unique-jobs "admin" web UI. Specially crafted GET request parameters handled by the following...

CVSS 7.1, AI score 7.5, EPSS 0.00525
Exploits: 1, References: 12

CNNVD
added 2024/02/07 12:0 a.m., 4 views

Pimcore Security Vulnerability

Pimcore is an open source web content management platform from the Austrian company Pimcore for creating and managing web applications. The platform integrates web content management, an e-commerce framework and product information management applications. A security vulnerability exists in pimcore...

CVSS 9.1, AI score 6.5, EPSS 0.00544
Exploits: 0, References: 4

CNNVD
added 2023/11/06 12:0 a.m., 7 views

Proofpoint Enterprise Protection Cross-Site Scripting Vulnerability

Proofpoint Enterprise Protection is an application from Proofpoint USA. It provides functionality to protect email. A security vulnerability exists in Proofpoint Enterprise Protection that stems from a stored cross-site scripting (XSS) vulnerability in AdminUI...

CVSS 6.1, AI score 5.6, EPSS 0.00342
Exploits: 0, References: 2

CNNVD
added 2023/07/18 12:0 a.m., 5 views

Fides Resource Management Error Vulnerability

Fides is an open source privacy engineering platform for managing the implementation of data privacy requests in the runtime environment and the enforcement of privacy regulations in code. A resource management error vulnerability exists in Fides versions 2.11.0 through 2.15.1, which stems from...

CVSS 4.9, AI score 5.3, EPSS 0.00579
Exploits: 0, References: 3

Ivanti
added 2023/02/14 7:22 a.m., 12 views

SA40210 - [Pulse Secure] Information disclosure possible on admin UI (CVE-2016-4791)

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. An information disclosure issue was discovered on the Pulse Connect Secure device. This issue exists on the administrative user interface and requires admin level access. Because of th...

CVSS 8.6, AI score 6.6, EPSS 0.02242
Exploits: 0

Cvelist
added 2022/12/06 7:52 p.m., 23 views

CVE-2022-46333 Proofpoint Enterprise Protection perl eval() arbitrary command execution

The admin user interface in Proofpoint Enterprise Protection PPS/PoD contains a command injection vulnerability that enables an admin to execute commands beyond their allowed scope. This affects all versions 8.19.0 and below...

CVSS 7.2, AI score 7.5, EPSS 0.01468
Exploits: 0, References: 1

OSV
added 2021/10/20 11:16 a.m., 4 views

CVE-2021-35570

Vulnerability in the Oracle Mobile Field Service product of Oracle E-Business Suite (component: Admin UI). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVSS 8.1, AI score 7.3, EPSS 0.01249
Exploits: 0, References: 1

Prion
added 2015/04/16 4:59 p.m., 11 views

Design/Logic Flaw

Unspecified vulnerability in the Oracle Commerce Platform component in Oracle Commerce Platform 9.4, 10.0, and 10.2 allows remote attackers to affect integrity via vectors related to Dynamo Application Framework - HTML Admin User Interface...

CVSS 4.3, AI score 6.2, EPSS 0.01512
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2015/04/16 4:0 p.m., 25 views

CVE-2015-0510

Unspecified vulnerability in the Oracle Commerce Platform component in Oracle Commerce Platform 9.4, 10.0, and 10.2 allows remote attackers to affect integrity via vectors related to Dynamo Application Framework - HTML Admin User Interface...

AI score 5.6, EPSS 0.01512
Exploits: 0, References: 1

CVE
added 2015/04/16 4:0 p.m., 45 views

CVE-2015-0510

Oracle Commerce Platform (9.4, 10.0, 10.2) is affected by a vulnerability in the Dynamo Application Framework – HTML Admin User Interface. The issue, described in connected CNVD data, allows a remote attacker to update, insert, or delete data, compromising data integrity. The root cause details a...

CVSS 4.3, AI score 5.8, EPSS 0.01512
Exploits: 0, References: 1, Affected Software: 1