Lucene search
K

101 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-33954

Malicious code in bioql PyPI...

5.4CVSS4.8AI score0.00454EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-16082

Malicious code in bioql PyPI...

6.1CVSS5AI score0.00877EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-39271

Malicious code in bioql PyPI...

9CVSS6.6AI score0.00543EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-19327

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00361EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/09/23 6:36 a.m.18 views

CVE-2025-10764

A vulnerability was identified in SeriaWei ZKEACMS up to 4.3. This affects the function Edit of the file src/ZKEACMS.EventAction/Controllers/PendingTaskController.cs of the component Event Action System. Such manipulation of the argument Data leads to server-side request forgery. The attack may b...

6.5CVSS6.5AI score0.00411EPSS
Exploits0References1
CVE
CVE
added 2025/08/15 12:32 p.m.39 views

CVE-2025-9052

Summary: CVE-2025-9052 affects projectworlds Travel Management System 1.0. A vulnerability exists in the /updatepackage.php file where manipulating the s1 parameter enables SQL injection. The issue is exploitable remotely, and public exploitation information is available. Multiple connected sourc...

9.8CVSS7.6AI score0.00387EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/08/05 12:0 a.m.6 views

PT-2025-31910 · Unknown · Atjiu Pybbs

Name of the Vulnerable Software and Affected Versions: atjiu pybbs versions up to 6.0.0 Description: A critical issue exists in atjiu pybbs up to version 6.0.0 related to weak password requirements in the update function of the file...

6.3CVSS4.4AI score0.00398EPSS
Exploits1References12
Vulnrichment
Vulnrichment
added 2025/07/20 1:3 a.m.3 views

CVE-2025-7861 code-projects Church Donation System search.php sql injection

A vulnerability, which was classified as critical, was found in code-projects Church Donation System 1.0. Affected is an unknown function of the file /members/search.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit ha...

7.5CVSS7.5AI score0.00394EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2025/07/18 3:31 p.m.18 views

XXL-JOB is vulnerable to SSRF attacks

A vulnerability, which was classified as critical, was found in Xuxueli xxl-job up to 3.1.1. Affected is the function httpJobHandler of the file src\main\java\com\xxl\job\executor\service\jobhandler\SampleXxlJob.java. The manipulation leads to server-side request forgery. It is possible to launch...

8.8CVSS6.4AI score0.00411EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2025/07/14 12:15 p.m.9 views

CVE-2025-7601

A vulnerability has been found in PHPGurukul Online Library Management System 3.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/student-history.php. The manipulation of the argument stdid leads to cross site scripting. The attack can be initiated...

5.4CVSS0.00232EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/07/06 9:32 p.m.3 views

CVE-2025-7095 Comodo Internet Security Premium Update certificate validation

A vulnerability classified as critical has been found in Comodo Internet Security Premium 12.3.4.8162. This affects an unknown part of the component Update Handler. The manipulation leads to improper certificate validation. It is possible to initiate the attack remotely. The complexity of an atta...

6.3CVSS7AI score0.00228EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/06/18 10:21 a.m.8 views

CVE-2025-25264

An unauthenticated remote attacker can trick an admin to visit a website containing malicious java script code. The current overly permissive CORS policy allows the attacker to obtain any files from the file system...

6.5CVSS6.9AI score0.00386EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 11:57 a.m.8 views

CVE-2025-0480

A vulnerability classified as problematic has been found in wuzhicms 4.1.0. This affects the function test of the file coreframe/app/search/admin/config.php. The manipulation of the argument sphinxhost/sphinxport leads to server-side request forgery. It is possible to initiate the attack remotely...

5.3CVSS6.9AI score0.00478EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:7 a.m.6 views

CVE-2024-3253

A vulnerability classified as critical was found in SourceCodester Internship Portal Management System 1.0. This vulnerability affects unknown code of the file admin/addadmin.php. The manipulation of the argument name/username/password leads to sql injection. The attack can be initiated remotely...

7.2CVSS7.6AI score0.00706EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:47 a.m.7 views

CVE-2023-20185

A vulnerability in the Cisco ACI Multi-Site CloudSec encryption feature of Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an unauthenticated, remote attacker to read or modify intersite encrypted traffic. This vulnerability is due to an issue with the implementation of the cipher...

7.4CVSS6.8AI score0.0033EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:33 a.m.7 views

CVE-2022-4599

A vulnerability was found in Shoplazza LifeStyle 1.1 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/api/theme-edit/ of the component Product Handler. The manipulation of the argument Subheading/Heading/Text/Button Text/Label leads to cross...

5.4CVSS6.2AI score0.00503EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:47 p.m.7 views

CVE-2022-45482

Lazy Mouse server enforces weak password requirements and doesn't implement rate limiting, allowing remote unauthenticated users to easily and quickly brute force the PIN and execute arbitrary commands. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H...

9.8CVSS7.8AI score0.01297EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:25 a.m.10 views

CVE-2019-10071

The code which checks HMAC in form submissions used String.equals for comparisons, which results in a timing side channel for the comparison of the HMAC signatures. This could lead to remote code execution if an attacker is able to determine the correct signature for their payload. The comparison...

9.8CVSS7.6AI score0.08752EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:14 a.m.19 views

CVE-2019-3979

RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below are vulnerable to a DNS unrelated data attack. The router adds all A records to its DNS cache even when the records are unrelated to the domain that was queried. Therefore, a remote attacker controlled DNS server can poison the router's...

7.5CVSS6.8AI score0.00917EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/17 9:31 p.m.40 views

CVE-2025-4838 kanwangzjm Funiture Login LoginServlet.java doPost redirect

A vulnerability, which was classified as problematic, was found in kanwangzjm Funiture up to 71ca0fb0658b3d839d9e049ac36429207f05329b. Affected is the function doPost of the file /funiture-master/src/main/java/com/app/mvc/acl/servlet/LoginServlet.java of the component Login. The manipulation of t...

5.3CVSS0.00344EPSS
Exploits0References4
Rows per page
Query Builder