Lucene search
K

73 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2015-3695

Malware in sbrugna...

6.8CVSS8AI score0.02766EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2010-0037

Malware in sbrugna...

7.5CVSS6.1AI score0.01688EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-0590

Malware in sbrugna...

5.9CVSS5.8AI score0.02614EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-1157

Malicious code in bioql PyPI...

4.3CVSS4.8AI score0.00394EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/09/25 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-39880

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libceph: fix invalid accesses to cephconnectionv1info There is a place where generic code in messenger.c is reading and another place where it is writing to...

7.8CVSS7.1AI score0.00144EPSS
Exploits0References3
OSV
OSV
added 2025/09/23 6:15 a.m.5 views

UBUNTU-CVE-2025-39880

In the Linux kernel, the following vulnerability has been resolved: libceph: fix invalid accesses to cephconnectionv1info There is a place where generic code in messenger.c is reading and another place where it is writing to con-v1 union member without checking that the union member is active i.e...

7.8CVSS6.5AI score0.00144EPSS
Exploits0References32
OSV
OSV
added 2025/09/12 11:46 a.m.4 views

BIT-NIFI-2020-13940

In Apache NiFi 1.0.0 to 1.11.4, the notification service manager and various policy authorizer and user group provider objects allowed trusted administrators to inadvertently configure a potentially malicious XML file. The XML file has the ability to make external calls to services via XXE...

5.5CVSS6.9AI score0.01911EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2015-3659

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The SQLite authorizer in the Storage functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8...

6.8CVSS8.3AI score0.02766EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/07/03 12:0 a.m.4 views

PT-2025-39137

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the libceph component related to invalid accesses to ceph connection v1 info. Specifically, generic code in messenger.c reads and writes to the...

7.8CVSS7.8AI score0.00144EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/06/10 9:30 a.m.7 views

cn.herodotus.engine:message-spring-boot-starter (>=2.7.3.4 <=3.0.0-M2), com.airbus-cyber-security.graylog:graylog-plugin-aggregation-count (>=4.0.0 <=4.1.1) +179 more potentially affected by CVE-2025-27819 via org.apache.kafka:kafka_2.13 (>=2.4.0 <=3.3.2)

org.apache.kafka:kafka2.13 MAVEN version =2.4.0, =2.7.3.4, =4.0.0, =4.0.0, =4.0.0, =4.0.1, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =1.0.0, =1.2.0 - com.cerner.c...

7.5CVSS6.4AI score0.00878EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:10 p.m.9 views

CVE-2020-13940

In Apache NiFi 1.0.0 to 1.11.4, the notification service manager and various policy authorizer and user group provider objects allowed trusted administrators to inadvertently configure a potentially malicious XML file. The XML file has the ability to make external calls to services via XXE...

5.5CVSS6.8AI score0.01911EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 12:23 p.m.7 views

CVE-2010-0005

query.py in the query interface in ViewVC before 1.1.3 does not reject configurations that specify an unsupported authorizer for a root, which might allow remote attackers to bypass intended access restrictions via a query...

7.5CVSS6.9AI score0.01688EPSS
Exploits0References1
OSV
OSV
added 2025/05/14 12:31 p.m.19 views

GHSA-5FC3-PQF2-57CX Apache IoTDB Discloses Sensitive Information via Log Files

Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in the OpenIdAuthorizer of Apache IoTDB. This issue affects Apache IoTDB: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2. Users are recommended to upgrade to version...

6.9CVSS5.8AI score0.00709EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2025/02/05 12:0 a.m.13 views

The vulnerability of the CassandraNetworkAuthorizer and CassandraCIDRAuthorizer components of the distributed Apache Cassandra database management system allows attackers to enhance their privileges.

The vulnerability of the CassandraNetworkAuthorizer and CassandraCIDRAuthorizer components of the distributed Apache Cassandra database management system is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow a malicious actor to enhance their...

9.9CVSS5.7AI score0.01056EPSS
Exploits0References4Affected Software2
OSV
OSV
added 2025/02/04 11:15 a.m.6 views

AZL-56433 CVE-2025-24860 affecting package cassandra 5.0.0-2

Incorrect Authorization vulnerability in Apache Cassandra allowing users to access a datacenter or IP/CIDR groups they should not be able to when using CassandraNetworkAuthorizer or CassandraCIDRAuthorizer. Users with restricted data center access can update their own permissions via data control...

5.4CVSS6.5AI score0.01056EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/01/30 4:55 p.m.2 views

Malicious code in cognito_authorizer (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

6.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/01/27 12:0 a.m.6 views

PT-2025-5589 · Apache · Apache Cassandra

Name of the Vulnerable Software and Affected Versions: Apache Cassandra versions 4.0.0 through 4.0.15 Apache Cassandra versions 4.1.0 through 4.1.7 Apache Cassandra versions 5.0.0 through 5.0.2 Description: The issue allows users to access a datacenter or IP/CIDR groups they should not be able to...

9CVSS5.4AI score0.01056EPSS
Exploits0References16
OSV
OSV
added 2025/01/20 7:14 a.m.1 views

MAL-2025-197 Malicious code in jazz_token-authorizer (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c3bd3fcfec7eb7354597369d7c1b2496841dbeabc3876ca1c150802f8bc3221f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/01/20 7:14 a.m.3 views

Malicious code in jazz_token-authorizer (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c3bd3fcfec7eb7354597369d7c1b2496841dbeabc3876ca1c150802f8bc3221f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
OSV
OSV
added 2024/10/23 5:4 p.m.10 views

CVE-2024-49756 AshPostgres empty, atomic, non-bulk actions, policy bypass for side-effects vulnerability.

AshPostgres is the PostgreSQL data layer for Ash Framework. Starting in version 2.0.0 and prior to version 2.4.10, in certain very specific situations, it was possible for the policies of an update action to be skipped. This occurred only on "empty" update actions no changing fields, and would...

5.3CVSS6.6AI score0.00499EPSS
Exploits0References6
Rows per page
Query Builder