Lucene search
K

325 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2005-4204

Malware in sbrugna...

4.3CVSS6.4AI score0.02133EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2008-6505

Malware in sbrugna...

5CVSS6.4AI score0.02455EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-20627

Malware in sbrugna...

5.4CVSS5.6AI score0.00604EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2012-0013

Malware in sbrugna...

4.3CVSS6AI score0.0248EPSS
Exploits0References17
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2021-32527

Malicious code in bioql PyPI...

10CVSS9.2AI score0.01623EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-11133

Malicious code in bioql PyPI...

6.9CVSS6.6AI score0.00481EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-30232

Malicious code in bioql PyPI...

8.1CVSS6.4AI score0.00407EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-25512

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00608EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-27774

Malicious code in bioql PyPI...

9.4CVSS6.2AI score0.00231EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-11100

Malicious code in bioql PyPI...

6.9CVSS6.6AI score0.0026EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/09/19 4:27 a.m.15 views

CVE-2025-5955 Service Finder SMS System <= 2.0.0 - Authentication Bypass

The Service Finder SMS System plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.0.0. This is due to the plugin not verifying a user's phone number before logging them in. This makes it possible for unauthenticated attackers to login as arbitrary...

8.1CVSS0.00407EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/19 4:27 a.m.6 views

CVE-2025-5955 Service Finder SMS System <= 2.0.0 - Authentication Bypass

The Service Finder SMS System plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.0.0. This is due to the plugin not verifying a user's phone number before logging them in. This makes it possible for unauthenticated attackers to login as arbitrary...

8.1CVSS6AI score0.00407EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/19 12:0 a.m.17 views

PT-2025-38510

Name of the Vulnerable Software and Affected Versions Service Finder SMS System plugin for WordPress versions prior to 2.1.0 Description The Service Finder SMS System plugin for WordPress does not verify a user's phone number before logging them in, leading to authentication bypass. This allows...

8.1CVSS6.9AI score0.00407EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/08/30 6:18 p.m.11 views

CVE-2025-30064

An insufficiently secured internal function allows session generation for arbitrary users. The decodeParam function checks the JWT but does not verify which signing algorithm was used. As a result, an attacker can use the "ex:action" parameter in the VerifyUserByThrustedService function to genera...

8.8CVSS7AI score0.00077EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/24 11:42 a.m.8 views

CVE-2025-9254

WebITR developed by Uniong has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to log into the system as arbitrary users by exploiting a specific functionality...

9.8CVSS7.6AI score0.00608EPSS
Exploits0References1
NVD
NVD
added 2025/08/22 12:15 p.m.9 views

CVE-2025-9254

WebITR developed by Uniong has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to log into the system as arbitrary users by exploiting a specific functionality...

9.8CVSS0.00608EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/22 11:21 a.m.12 views

CVE-2025-9254 Uniong|WebITR - Missing Authentication

WebITR developed by Uniong has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to log into the system as arbitrary users by exploiting a specific functionality...

9.8CVSS0.00608EPSS
Exploits0References2
CVE
CVE
added 2025/08/22 11:21 a.m.21 views

CVE-2025-9254

CVE-2025-9254 concerns WebITR by Uniong with a missing authentication vulnerability that allows unauthenticated remote attackers to log in as arbitrary users by exploiting a specific functionality. Multiple sources (Red Hat, NVD, CVE lists) describe an unauthenticated access/control issue; the ex...

9.8CVSS7.5AI score0.00608EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2025/08/06 5:50 a.m.6 views

BIT-MOODLE-2024-43438 Moodle: idor in feedback non-respondents report allows messaging arbitrary site users

A flaw was found in Feedback. Bulk messaging in the activity's non-respondents report did not verify message recipients belonging to the set of users returned by the report...

7.5CVSS5.8AI score0.00519EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/05/29 12:0 a.m.10 views

The vulnerability of VideoGrace video conferencing software, related to insufficient validation of input data, allows a hacker to send messages to arbitrary users.

The vulnerability of VideoGrace video conferencing software is related to insufficient verification of input data. Exploiting this vulnerability allows a malicious actor to send messages to arbitrary users remotely...

6.8CVSS5.5AI score
Exploits0Affected Software1
Rows per page
Query Builder