Lucene search
+L

261 matches found

CVE
CVE
added 2026/01/05 9:46 p.m.18 views

CVE-2025-68436

CVE-2025-68436 affects Craft CMS: versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC1 through 4.16.16. The issue allows authenticated users to potentially expose sensitive assets via their user profile photo through maliciously crafted requests, causing information disclosure. No exploitation details...

7.1CVSS6.2AI score0.00232EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2025/12/22 11:24 a.m.4 views

EUVD-2025-204707

Mattermost versions 11.1.x = 11.1.0, 11.0.x = 11.0.5, 10.12.x = 10.12.3, 10.11.x = 10.11.7 with the Jira plugin enabled and Mattermost Jira plugin versions =4.4.0 fail to enforce authentication and issue-key path restrictions in the Jira plugin, which allows an unauthenticated attacker who knows ...

7.2CVSS6.5AI score0.00227EPSS
Exploits0References2
CVE
CVE
added 2025/12/18 12:0 a.m.16 views

CVE-2025-63386

CVE-2025-63386 affects Dify v1.9.1, specifically the /console/api/setup endpoint. The vulnerability arises from a misconfigured CORS policy that reflects any Origin header and sets Access-Control-Allow-Credentials: true, allowing arbitrary external domains to make authenticated requests. Impact i...

9.1CVSS5.7AI score0.00212EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.10 views

PT-2025-52262

Name of the Vulnerable Software and Affected Versions Dify version 1.9.1 Description A Cross-Origin Resource Sharing CORS misconfiguration exists in the /console/api/setup endpoint. The endpoint has an insecure CORS policy that reflects any Origin header and allows Access-Control-Allow-Credential...

9.1CVSS6.5AI score0.00212EPSS
Exploits0References11
CERT
CERT
added 2025/11/20 12:0 a.m.17 views

Tenda N300 Wi-Fi 4G LTE Router 4G03 Pro impacted by vulnerabilities

Overview A command injection vulnerability exists across multiple firmware versions that allows an attacker to execute arbitrary commands as root on the affected device. Currently, no solution exists to resolve these vulnerabilities in the Tenda N300 series and Tenda 4G03 Pro devices. Description...

8.1AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/18 12:0 a.m.9 views

PT-2025-47334

Name of the Vulnerable Software and Affected Versions pluginsGLPI Database Inventory Plugin versions prior to 1.0.3 Description The Database Inventory Plugin for pluginsGLPI manages Teclib' inventory agents to inventory databases on workstations. Prior to version 1.0.3, any authenticated user cou...

4.3CVSS6.5AI score0.00286EPSS
Exploits0References7
NVD
NVD
added 2025/10/24 10:15 p.m.5 views

CVE-2025-34293

GN4 Publishing System versions prior to 2.6 contain an insecure direct object reference IDOR vulnerability via the API. Authenticated requests to the API's object endpoints allow an authenticated user to request arbitrary user IDs and receive sensitive account data for those users, including the...

8.6CVSS0.0038EPSS
Exploits0References4
CVE
CVE
added 2025/10/24 9:16 p.m.25 views

CVE-2025-34293

GN4 Publishing System before 2.6 is affected by an insecure direct object reference (IDOR) via the API. Authenticated requests to object endpoints allow an authenticated user to query arbitrary user IDs and retrieve sensitive data, including stored passwords and the account’s security question/an...

8.6CVSS6.4AI score0.0038EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-5604

Malware in sbrugna...

8.8CVSS8.8AI score0.00885EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-5835

Malware in sbrugna...

8.8CVSS6AI score0.00968EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-5836

Malware in sbrugna...

8.8CVSS6AI score0.00968EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-2244

Malware in sbrugna...

8.8CVSS8.8AI score0.00734EPSS
Exploits3References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-18725

Malware in sbrugna...

8.8CVSS8.7AI score0.01932EPSS
Exploits5References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-18284

Malware in sbrugna...

7.5CVSS7.6AI score0.01389EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-0332

Malware in sbrugna...

4.4CVSS4.8AI score0.00646EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2021-9091

Malicious code in bioql PyPI...

7.7CVSS6.6AI score0.01134EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-9089

Malicious code in bioql PyPI...

7.7CVSS6.6AI score0.01134EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-58561

Malicious code in bioql PyPI...

9.1CVSS6.8AI score0.06437EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-6454

Malicious code in bioql PyPI...

8.2CVSS8AI score0.00818EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.19 views

EUVD-2021-9048

Malicious code in bioql PyPI...

9.1CVSS9.2AI score0.02694EPSS
Exploits1References1
Rows per page
Query Builder