Lucene search
K

1288 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-28282

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00255EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-57819

Malicious code in bioql PyPI...

6.8CVSS6.6AI score0.00981EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-54529

Malicious code in bioql PyPI...

9.8CVSS9AI score0.00493EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-14673

Malicious code in bioql PyPI...

6.7CVSS6.4AI score0.00153EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-25468

Malicious code in bioql PyPI...

5.4CVSS6.6AI score0.00235EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-34157

Malicious code in bioql PyPI...

5.5CVSS5.7AI score0.00138EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-27427

Malicious code in bioql PyPI...

4.9CVSS5.4AI score0.00832EPSS
Exploits1References2
NVD
NVD
added 2025/10/03 12:15 p.m.9 views

CVE-2025-10306

The Backup Bolt plugin for WordPress is vulnerable to arbitrary file downloads and backup location writes in all versions up to, and including, 1.4.1 via the processbackupbatch function. This makes it possible for authenticated attackers, with Administrator-level access and above, to download...

3.8CVSS0.0029EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/10/03 12:0 a.m.11 views

PT-2025-40471

The Backup Bolt plugin for WordPress is vulnerable to arbitrary file downloads and backup location writes in all versions up to, and including, 1.4.1 via the process backup batch function. This makes it possible for authenticated attackers, with Administrator-level access and above, to download...

3.8CVSS6.1AI score0.0029EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/01 8:41 p.m.2 views

CVE-2025-59337 Discourse: Cross-Site Data Exposure via Backup Restore Metacommand Injection in Multisite Deployments

Discourse is an open-source community discussion platform. In versions 3.5.0 and below, malicious meta-commands could be embedded in a backup dump and executed during restore. In multisite setups, this allowed an admin of one site to access data or credentials from other sites. This issue is fixe...

5.5CVSS6.2AI score0.00277EPSS
Exploits0References2
Veeam
Veeam
added 2025/10/01 12:0 a.m.22 views

Migration to Unified Veeam Data Cloud FAQ

Below are the most commonly asked questions. What is changing with my Veeam Data Cloud for Microsoft 365 experience? Veeam is transitioning customers to the Veeam Data Cloud Platform, a unified multi-workload interface. This new experience allows you to manage Microsoft 365, Entra ID, Salesforce,...

5.8AI score
Exploits0
Veracode
Veracode
added 2025/09/30 10:41 a.m.7 views

Arbitrary Code Injection

Craft CMS is vulnerable to Arbitrary Code Injection. The vulnerability is due to inadequate protection of restore functionality because, with a compromised security key and the ability to place an arbitrary file in storage/backups, an attacker can craft a request to /updater/restore-db that...

8.8CVSS7.1AI score0.00456EPSS
Exploits0References5Affected Software1
RedhatCVE
RedhatCVE
added 2025/09/25 4:45 p.m.5 views

CVE-2025-10360

In Puppet Enterprise versions 2025.4.0 and 2025.5, the encryption key used for encrypting content in the Infra Assistant database was not excluded from the files gathered by Puppet backup. The key is only present on the system if the user has a Puppet Enterprise Advanced license and has enabled t...

6.9CVSS6.8AI score0.00177EPSS
Exploits0References1
NVD
NVD
added 2025/09/24 4:15 p.m.5 views

CVE-2025-10360

In Puppet Enterprise versions 2025.4.0 and 2025.5, the encryption key used for encrypting content in the Infra Assistant database was not excluded from the files gathered by Puppet backup. The key is only present on the system if the user has a Puppet Enterprise Advanced license and has enabled t...

6.9CVSS0.00177EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/24 3:49 p.m.8 views

CVE-2025-10360 Insufficiently Protected Credentials in Puppet Enterprise 2025.4 and 2025.5

In Puppet Enterprise versions 2025.4.0 and 2025.5, the encryption key used for encrypting content in the Infra Assistant database was not excluded from the files gathered by Puppet backup. The key is only present on the system if the user has a Puppet Enterprise Advanced license and has enabled t...

6.9CVSS0.00177EPSS
Exploits0References1
CVE
CVE
added 2025/09/24 3:49 p.m.13 views

CVE-2025-10360

CVE-2025-10360 affects Puppet Enterprise 2025.4.0 and 2025.5, where the encryption key for the Infra Assistant database was not excluded from files collected by Puppet backup. The key is present only for users with an Infra Assistant license and feature enabled, and it protects the API key for th...

6.9CVSS6.5AI score0.00177EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/24 3:49 p.m.4 views

CVE-2025-10360 Insufficiently Protected Credentials in Puppet Enterprise 2025.4 and 2025.5

In Puppet Enterprise versions 2025.4.0 and 2025.5, the encryption key used for encrypting content in the Infra Assistant database was not excluded from the files gathered by Puppet backup. The key is only present on the system if the user has a Puppet Enterprise Advanced license and has enabled t...

6.9CVSS6.5AI score0.00177EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2025/09/24 3:49 p.m.6 views

CVE-2025-10360

In Puppet Enterprise versions 2025.4.0 and 2025.5, the encryption key used for encrypting content in the Infra Assistant database was not excluded from the files gathered by Puppet backup. The key is only present on the system if the user has a Puppet Enterprise Advanced license and has enabled t...

6.9CVSS5.5AI score0.00177EPSS
Exploits0
The Hacker News
The Hacker News
added 2025/09/24 11:58 a.m.5 views

How One Bad Password Ended a 158-Year-Old Business

Most businesses don't make it past their fifth birthday - studies show that roughly 50% of small businesses fail within the first five years. So when KNP Logistics Group formerly Knights of Old celebrated more than a century and a half of operations, it had mastered the art of survival. For 158...

7AI score
Exploits0
CNNVD
CNNVD
added 2025/09/24 12:0 a.m.3 views

Puppet Enterprise Administration Module(PEADM) 安全漏洞

Puppet Enterprise Administration Module PEADM is an open source Puppet module from Puppet that defines the Bolt program. It is used to automate Puppet Enterprise deployments. A security vulnerability exists in Puppet Enterprise Administration Module PEADM versions 2025.4.0 and 2025.5, which stems...

6.9CVSS6.6AI score0.00177EPSS
Exploits0References2
Rows per page
Query Builder