Lucene search
+L

59 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-27864

Malicious code in bioql PyPI...

7.4CVSS7.4AI score0.00536EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-27865

Malicious code in bioql PyPI...

7.4CVSS7.4AI score0.00493EPSS
Exploits0References1
nvd
nvd
added 2025/08/27 10:15 p.m.3 views

CVE-2024-13979

A SQL injection vulnerability exists in the St. Joe ERP system "圣乔ERP系统" that allows unauthenticated remote attackers to execute arbitrary SQL commands via crafted HTTP POST requests to the login endpoint. The application fails to properly sanitize user-supplied input before incorporating it into...

9.8CVSS0.02899EPSS
Exploits1References4
redhatcve
redhatcve
added 2025/05/23 6:30 a.m.11 views

CVE-2024-20882

Out-of-bounds read vulnerability in bootloader prior to SMR June-2024 Release 1 allows physical attackers to arbitrary data access...

4.6CVSS6.6AI score0.0022EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 9:5 p.m.25 views

CVE-2021-24219

The Thrive Optimize WordPress plugin before 1.4.13.3, Thrive Comments WordPress plugin before 1.4.15.3, Thrive Headline Optimizer WordPress plugin before 1.3.7.3, Thrive Leads WordPress plugin before 2.3.9.4, Thrive Ultimatum WordPress plugin before 2.3.9.4, Thrive Quiz Builder WordPress plugin...

5.3CVSS6.8AI score0.02076EPSS
Exploits2References1
redhatcve
redhatcve
added 2025/05/22 5:45 a.m.4 views

CVE-2010-1004

SQL injection vulnerability in the Yet another TYPO3 search engine YATSE extension before 0.3.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS8.7AI score0.01051EPSS
Exploits0References1
cnvd
cnvd
added 2025/04/18 12:0 a.m.3 views

Patient Record Management System edit_dpatient.php File SQL Injection Vulnerability

Patient Record Management System is a medical record management system. Patient Record Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter ID of the /editdpatient.php file. An attacker can exploit...

8.8CVSS8.2AI score0.00476EPSS
Exploits1References1
cnnvd
cnnvd
added 2025/03/11 12:0 a.m.8 views

Pimcore SQL注入漏洞

Pimcore is an open source data and experience management platform. A SQL injection vulnerability exists in Pimcore. The vulnerability stems from the fact that an authenticated user can construct filter strings that lead to SQL injection, which can be exploited by an attacker to execute arbitrary...

8.8CVSS8.3AI score0.0046EPSS
Exploits0References5
redhatcve
redhatcve
added 2025/02/05 1:12 a.m.6 views

CVE-2024-20536

A vulnerability in a REST API endpoint and web-based management interface of Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, remote attacker with read-only privileges to execute arbitrary SQL commands on an affected device. This vulnerability is due to insufficient...

8.8CVSS8.1AI score0.00772EPSS
Exploits0References1
cnnvd
cnnvd
added 2024/07/30 12:0 a.m.6 views

Xibo CMS SQL注入漏洞

Xibo CMS is an open source content management system from Xibo Digital Signage. Xibo CMS suffers from a SQL injection vulnerability that originates from allowing an authenticated user to retrieve and modify arbitrary data from the database by injecting a specially crafted value into the sortBy...

6.5CVSS7.8AI score0.00442EPSS
Exploits0References2
nvd
nvd
added 2024/06/04 7:15 a.m.19 views

CVE-2024-20882

Out-of-bounds read vulnerability in bootloader prior to SMR June-2024 Release 1 allows physical attackers to arbitrary data access...

4.6CVSS4.6AI score0.0022EPSS
Exploits0References1
osv
osv
added 2024/06/04 7:15 a.m.5 views

CVE-2024-20882

Out-of-bounds read vulnerability in bootloader prior to SMR June-2024 Release 1 allows physical attackers to arbitrary data access...

4.6CVSS5.9AI score0.0022EPSS
Exploits0References1
cvelist
cvelist
added 2024/06/04 6:42 a.m.34 views

CVE-2024-20882

Out-of-bounds read vulnerability in bootloader prior to SMR June-2024 Release 1 allows physical attackers to arbitrary data access...

4.6CVSS4.6AI score0.0022EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/06/04 6:42 a.m.16 views

CVE-2024-20882

Out-of-bounds read vulnerability in bootloader prior to SMR June-2024 Release 1 allows physical attackers to arbitrary data access...

4.6CVSS6.6AI score0.0022EPSS
Exploits0References1
osv
osv
added 2024/01/23 10:15 p.m.1 views

DEBIAN-CVE-2023-36177

An issue was discovered in badaix Snapcast version 0.27.0, allows remote attackers to execute arbitrary code and gain sensitive information via crafted request in JSON-RPC-API...

9.8CVSS9.1AI score0.2732EPSS
Exploits1References1
nvd
nvd
added 2023/11/07 8:15 a.m.21 views

CVE-2023-42543

Improper verification of intent by broadcast receiver vulnerability in Bixby Voice prior to version 3.3.35.12 allows attackers to access arbitrary data with Bixby Voice privilege...

7.5CVSS6.6AI score0.00452EPSS
Exploits0References1
prion
prion
added 2023/11/07 8:15 a.m.17 views

Input validation

Improper verification of intent by broadcast receiver vulnerability in Bixby Voice prior to version 3.3.35.12 allows attackers to access arbitrary data with Bixby Voice privilege...

5CVSS7.1AI score0.00452EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2023/11/07 7:49 a.m.29 views

CVE-2023-42543

Improper verification of intent by broadcast receiver vulnerability in Bixby Voice prior to version 3.3.35.12 allows attackers to access arbitrary data with Bixby Voice privilege...

6.2CVSS7.7AI score0.00452EPSS
Exploits0References1
prion
prion
added 2023/09/07 1:15 p.m.22 views

Security feature bypass

ColdFusion version 2021 update 1 and earlier and versions 2018.10 and earlier are impacted by an Use of Inherently Dangerous Function vulnerability that can lead to a security feature bypass??. An authenticated attacker could leverage this vulnerability to access and manipulate arbitrary data on...

6.5CVSS7.2AI score0.00536EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2023/09/07 12:54 p.m.14 views

CVE-2021-40698 ColdFusion Use of Inherently Dangerous Function Leads To Security feature bypass  

ColdFusion version 2021 update 1 and earlier and versions 2018.10 and earlier are impacted by an Use of Inherently Dangerous Function vulnerability that can lead to a security feature bypass . An authenticated attacker could leverage this vulnerability to access and manipulate arbitrary data on...

7.4CVSS7.2AI score0.00536EPSS
Exploits0References1
Rows per page
Query Builder