Lucene search
K

359 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2021-8787

Malicious code in bioql PyPI...

9CVSS6.7AI score0.00817EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-34782

Malicious code in bioql PyPI...

8CVSS7.8AI score0.00846EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-41710

Malicious code in bioql PyPI...

6.5CVSS7AI score0.00242EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-32722

Malicious code in bioql PyPI...

9.6CVSS6.6AI score0.00326EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-32721

Malicious code in bioql PyPI...

9.6CVSS6.6AI score0.00326EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-43648

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01208EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-1761

Malicious code in bioql PyPI...

8.1CVSS7.9AI score0.00571EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-58205

Malicious code in bioql PyPI...

6.4CVSS6AI score0.00683EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/09/26 6:43 a.m.13 views

CVE-2025-10137 Snow Monkey <= 29.1.5 - Unauthenticated Blind Server-Side Request Forgery

The Snow Monkey theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 29.1.5 via the request function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be...

5.4CVSS0.00257EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2023-5933

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions after 13.7 before 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. Improper input...

6.4CVSS6AI score0.00683EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/08/20 12:0 a.m.4 views

IBM Edge Application Manager 代码问题漏洞

IBM Edge Application Manager is an application from International Business Machines IBM that provides powerful solutions to address the need to deliver enterprise computing power at the edge of the cloud, closer to where the data is being created and at the edge of the enterprise where action nee...

5.4CVSS9.1AI score0.00164EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/07/16 12:0 a.m.4 views

WordPress plugin Yogi 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, WordPress is a set of blogging platform developed using the PHP language, which supports setting up personal blog sites on servers with PHP and MySQL, and WordPress plugin is an application plugin. WordPress Yogi suffer...

8.8CVSS7.2AI score0.00462EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/10 12:0 a.m.4 views

DiscordNotifications 代码问题漏洞

DiscordNotifications is an open source application from Miraheze. DiscordNotifications suffers from a code issue vulnerability that stems from sending requests to arbitrary URLs via curl and filegetcontents, which could lead to denial of service and server-side request forgery attacks...

9.1CVSS6.9AI score0.00312EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/06/18 12:0 a.m.10 views

The vulnerability of the Chamilo LMS system for electronic learning and content management lies in the insufficient verification of incoming requests used by the operating system. This allows attackers to execute arbitrary HTTP requests.

The vulnerability of the Chamilo LMS, a system for electronic teaching and content management, lies in the insufficient verification of incoming requests used by the operating system. Exploiting this vulnerability could allow a malicious actor to execute arbitrary HTTP requests remotely...

7.8CVSS5.8AI score0.00364EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/16 12:0 a.m.7 views

The vulnerability of the Vinteo video conference software server lies in the lack of protective measures for website structures. This allows attackers to carry out XSS attacks and execute arbitrary requests.

The vulnerability of the Vinteo video conference software server lies in the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely and execute arbitrary requests...

8CVSS5.8AI score
Exploits0Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2025/06/02 12:0 a.m.5 views

Hewlett Packard Enterprise StoreOnce VSA determineInclusionAndExtract Server-Side Request Forgery Vulnerability

This vulnerability allows remote attackers to initiate arbitrary server-side requests on affected installations of Hewlett Packard Enterprise StoreOnce VSA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the...

5.3CVSS6.4AI score0.00576EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:39 a.m.9 views

CVE-2024-27561

A Server-Side Request Forgery SSRF in the installUpdateThemePluginAction function of WonderCMS v3.1.3 allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the installThemePlugin parameter...

9.1CVSS7.2AI score0.00585EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:39 a.m.12 views

CVE-2024-27565

A Server-Side Request Forgery SSRF in weixin.php of ChatGPT-wechat-personal commit a0857f6 allows attackers to force the application to make arbitrary requests...

9.8CVSS7AI score0.00661EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:39 a.m.9 views

CVE-2024-27563

A Server-Side Request Forgery SSRF in the getFileFromRepo function of WonderCMS v3.1.3 allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the pluginThemeUrl parameter...

6.5CVSS7.3AI score0.00417EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:42 a.m.6 views

CVE-2023-39108

rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery SSRF via the pathb parameter in the doDiff Function of /classes/compareClass.php. This vulnerability allows authenticated attackers to make arbitrary requests via injection of crafted URLs...

8.8CVSS7.5AI score0.02965EPSS
Exploits1References1
Rows per page
Query Builder