Lucene search
+L

2009 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-33533

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.00915EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-2540

Malicious code in bioql PyPI...

10CVSS6.6AI score0.02877EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-19671

Malicious code in bioql PyPI...

6.2CVSS6.3AI score0.00141EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/08/07 8:31 p.m.7 views

CVE-2013-10070

PHP-Charts v1.0 contains a PHP code execution vulnerability in wizard/url.php, where user-supplied GET parameter names are passed directly to eval without sanitization. A remote attacker can exploit this flaw by crafting a request that injects arbitrary PHP code, resulting in command execution...

10CVSS7.8AI score0.01454EPSS
Exploits0References1
NVD
NVD
added 2025/06/26 10:15 p.m.9 views

CVE-2025-5731

A flaw was found in Infinispan CLI. A sensitive password, decoded from a Base64-encoded Kubernetes secret, is processed in plaintext and included in a command string that may expose the data in an error message when a command is not found...

5.5CVSS0.00141EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/06/26 9:28 p.m.13 views

CVE-2025-5731 Infinispan: credential leakage in infinispan cli

A flaw was found in Infinispan CLI. A sensitive password, decoded from a Base64-encoded Kubernetes secret, is processed in plaintext and included in a command string that may expose the data in an error message when a command is not found...

5.5CVSS0.00141EPSS
Exploits0References3
CVE
CVE
added 2025/06/26 9:28 p.m.43 views

CVE-2025-5731

Summary: CVE-2025-5731 affects the Infinispan CLI, where a credential decoded from a Kubernetes secret is handled in plaintext and can appear in a command string, potentially leaking data in an error message when a command is not found. Root cause: insecure processing/embedding of the decoded sec...

5.5CVSS7AI score0.00141EPSS
Exploits0References3Affected Software3
Positive Technologies
Positive Technologies
added 2025/06/19 12:0 a.m.10 views

PT-2025-26223

Name of the Vulnerable Software and Affected Versions RabbitMQ versions 3.13.7 and prior Description The issue concerns RabbitMQ logging authorization headers in plaintext, encoded in base64, when queried with HTTP/s and basic authentication. This results in logs containing all request headers,...

6.7CVSS6.9AI score0.00194EPSS
Exploits1References16
RedhatCVE
RedhatCVE
added 2025/05/22 10:42 p.m.12 views

CVE-2022-29039

Jenkins Gerrit Trigger Plugin 2.35.2 and earlier does not escape the name and description of Base64 Encoded String parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.4CVSS5.4AI score0.00798EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:42 a.m.10 views

CVE-2019-15805

CommScope ARRIS TR4400 devices with firmware through A1.00.004-180301 are vulnerable to an authentication bypass to the administrative interface because they include the current base64 encoded password within http://192.168.1.1/login.html. Any user connected to the Wi-Fi can exploit this...

9.8CVSS7.6AI score0.01194EPSS
Exploits0References1
CNVD
CNVD
added 2025/04/30 12:0 a.m.7 views

JetBrains TeamCity Log Information Disclosure Vulnerability

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. JetBrains TeamCity suffers from a log information...

6.5CVSS5.8AI score0.00879EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/25 2:32 p.m.15 views

CVE-2025-46432

In JetBrains TeamCity before 2025.03.1 base64-encoded credentials could be exposed in build logs...

4.3CVSS7.2AI score0.00879EPSS
Exploits0References1
CVE
CVE
added 2025/04/25 2:32 p.m.80 views

CVE-2025-46432

CVE-2025-46432 affects JetBrains TeamCity prior to 2025.03.1, where base64-encoded credentials could be exposed in build logs. The vulnerability is described across multiple sources (NVD entry, Red Hat, CNVD/CNNVD mirrors, Tenable Nessus plugin, PT-SECURITY advisory) with an impact on confidentia...

6.5CVSS7.2AI score0.00879EPSS
Exploits0References1Affected Software1
The Hacker News
The Hacker News
added 2025/04/18 12:3 p.m.64 views

Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader

A new multi-stage attack has been observed delivering malware families like Agent Tesla variants, Remcos RAT, and XLoader. "Attackers increasingly rely on such complex delivery mechanisms to evade detection, bypass traditional sandboxes, and ensure successful payload delivery and execution," Palo...

7.8CVSS7.6AI score0.73381EPSS
Exploits11
RedhatCVE
RedhatCVE
added 2025/04/16 2:49 p.m.13 views

CVE-2024-49706

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Open Redirect attacks by including base64 encoded URLs in the target parameter sent in a POST request to one of the endpoints. This vulnerability has been patched in version 79.0...

5.1CVSS6.2AI score0.00307EPSS
Exploits0References1
NVD
NVD
added 2025/04/14 12:15 p.m.22 views

CVE-2024-49706

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Open Redirect attacks by including base64 encoded URLs in the target parameter sent in a POST request to one of the endpoints. This vulnerability has been patched in version 79.0...

6.1CVSS0.00307EPSS
Exploits0References2
CVE
CVE
added 2025/04/14 12:5 p.m.82 views

CVE-2024-49706

The CVE-2024-49706 entry concerns Internet Starter, a module of the SoftCOM iKSORIS system. The vulnerability is an Open Redirect caused by including base64-encoded URLs in the target parameter of a POST request to a specific endpoint. The underlying component exposed to this issue is the handlin...

6.1CVSS9.4AI score0.00307EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/04/14 12:5 p.m.9 views

CVE-2024-49706 XSS in iKSORIS

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Open Redirect attacks by including base64 encoded URLs in the target parameter sent in a POST request to one of the endpoints. This vulnerability has been patched in version 79.0...

5.1CVSS6.5AI score0.00307EPSS
Exploits0References2
CNVD
CNVD
added 2025/04/03 12:0 a.m.5 views

JetBrains TeamCity Information Disclosure Vulnerability

JetBrains TeamCity is a powerful continuous integration and continuous delivery CI/CD tool developed by JetBrains. JetBrains TeamCity suffers from an information disclosure vulnerability that stems from base64 encoded passwords being exposed in build logs. An attacker can exploit the vulnerabilit...

6.5CVSS5.8AI score0.00944EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/29 11:46 a.m.14 views

CVE-2025-31139

In JetBrains TeamCity before 2025.03 base64 encoded password could be exposed in build log...

6.5CVSS7.4AI score0.00944EPSS
Exploits0References1
Rows per page
Query Builder