Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

RedhatCVE
RedhatCVEadded 2025/04/17 1:35 p.m.14 views

CVE-2025-3579

In versions prior to Aidex 1.7, an authenticated malicious user, taking advantage of an open registry, could execute unauthorised commands within the system. This includes executing operating system Unix commands, interacting with internal services such as PHP or MySQL, and even invoking native...

9.3CVSS7.6AI score0.00511EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2025/04/17 1:33 p.m.13 views

CVE-2025-3578

A malicious, authenticated user in Aidex, versions prior to 1.7, could list credentials of other users, create or modify existing users in the application, list credentials of users in production or development environments. In addition, it would be possible to cause bugs that would result in the...

9.3CVSS6.7AI score0.00397EPSS
Exploits0References3
CVE
CVEadded 2025/04/15 8:44 a.m.63 views

CVE-2025-3579

Aidex CVE-2025-3579 affects versions prior to 1.7. The issue is a prompt-injection vulnerability in the /api//message endpoint where the content parameter can be manipulated by an authenticated user with access to an open registry, enabling execution of OS commands (Unix), interaction with intern...

9.3CVSS7.2AI score0.00511EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/04/15 8:44 a.m.24 views

CVE-2025-3579 Code Injection Vulnerability in AiDex

In versions prior to Aidex 1.7, an authenticated malicious user, taking advantage of an open registry, could execute unauthorised commands within the system. This includes executing operating system Unix commands, interacting with internal services such as PHP or MySQL, and even invoking native...

9.3CVSS0.00511EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/04/15 8:42 a.m.17 views

CVE-2025-3578 Adversarial Input Handling Vulnerability in AiDex

A malicious, authenticated user in Aidex, versions prior to 1.7, could list credentials of other users, create or modify existing users in the application, list credentials of users in production or development environments. In addition, it would be possible to cause bugs that would result in the...

9.3CVSS0.00397EPSS
Exploits0References1
CVE
CVEadded 2025/04/15 8:42 a.m.52 views

CVE-2025-3578

The CVE-2025-3578 vulnerability in Aidex affects versions prior to 1.7 and can be exploited by an authenticated user to list credentials of other users, create or modify users, and disclose sensitive information from production/development environments. It enables exfiltration of details about th...

9.3CVSS6.4AI score0.00397EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/04/15 12:0 a.m.1 views

AiDex 安全漏洞

AiDex is an artificial intelligence chatbot from AiDex. A security vulnerability exists in Aidex versions prior to 1.7, which stems from improper handling of the content parameter in the /api//message endpoint, which could lead to credential disclosure and sensitive information leakage...

9.3CVSS6.2AI score0.00397EPSS
Exploits0References1
Rows per page
Query Builder