5 matches found

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2023-56109

Malicious code in bioql PyPI...

CVSS 9.8 | AI score 9.1 | EPSS 0.01309
Exploits: 1 | References: 2
NVD
added 2024/02/22 4:15 p.m. | 31 views

CVE-2023-51388

Hertzbeat is a real-time monitoring system. In CalculateAlarm.java, AviatorEvaluator is used to directly execute the expression function, and no security policy is configured, resulting in AviatorScript (which can execute any static method by default) script injection. Version 1.4.1 fixes this...

CVSS 9.8 | AI score 9.8 | EPSS 0.01309
Exploits: 1 | References: 2
Prion
added 2024/02/22 4:15 p.m. | 17 views

Design/Logic Flaw

Hertzbeat is a real-time monitoring system. In CalculateAlarm.java, AviatorEvaluator is used to directly execute the expression function, and no security policy is configured, resulting in AviatorScript (which can execute any static method by default) script injection. Version 1.4.1 fixes this...

CVSS 7.5 | AI score 7.8 | EPSS 0.01309
Exploits: 1 | References: 2
Vulnrichment
added 2024/02/22 3:53 p.m. | 10 views

CVE-2023-51388 HertzBeat AviatorScript Inject RCE

Hertzbeat is a real-time monitoring system. In CalculateAlarm.java, AviatorEvaluator is used to directly execute the expression function, and no security policy is configured, resulting in AviatorScript (which can execute any static method by default) script injection. Version 1.4.1 fixes this...

CVSS 9.8 | AI score 9.7 | EPSS 0.01309
Exploits: 1 | References: 2
CVE
added 2024/02/22 3:53 p.m. | 70 views

CVE-2023-51388

Hertzbeat real-time monitoring software is affected by CVE-2023-51388 due to direct execution of expressions in CalculateAlarm.java via AviatorEvaluator without a security policy, enabling AviatorScript injection. The issue is tied to Hertzbeat versions prior to 1.4.1; upgrading to version 1.4.1 ...

CVSS 9.8 | AI score 9.8 | EPSS 0.01309
Exploits: 1 | References: 2 | Affected Software: 1