Lucene search
K

434 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-36975

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.03846EPSS
Exploits4References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-53131

Malicious code in bioql PyPI...

9.1CVSS9AI score0.00378EPSS
Exploits0References1
OSV
OSV
added 2025/10/02 7:10 p.m.22 views

CLSA-2025-1759432250 kernel: Fix of 36 CVEs

ASoC: topology: Clean up route loading CVE-2024-41069 - ASoC: topology: Fix references to freed memory CVE-2024-41069 - drm/dpmst: Fix MST sideband message body length check CVE-2024-56616 - Bluetooth: L2CAP: Fix not validating setsockopt user input CVE-2024-35965 - Bluetooth: L2CAP:...

7.8CVSS7.3AI score0.0788EPSS
Exploits16References1
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2017-2896

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable out-of-bounds write vulnerability exists in the xlsmergedCells function of libxls 1.4. . A specially crafted XLS file can cause a memory corrupti...

8.8CVSS8.2AI score0.02052EPSS
Exploits1References2
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-17495 Malicious code in connected-cells (npm)

The package connected-cells was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in connected-cells (npm)

The package connected-cells was found to contain malicious code...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/08/10 6:14 p.m.22 views

CVE-2010-10013

An unauthenticated remote command execution vulnerability exists in AjaXplorer now known as Pydio Cells versions prior to 2.6. The flaw resides in the checkInstall.php script within the access.ssh plugin, which fails to properly sanitize user-supplied input to the destServer GET parameter. By...

9.3CVSS8AI score0.01163EPSS
Exploits0References1
NVD
NVD
added 2025/08/08 7:15 p.m.7 views

CVE-2010-10013

An unauthenticated remote command execution vulnerability exists in AjaXplorer now known as Pydio Cells versions prior to 2.6. The flaw resides in the checkInstall.php script within the access.ssh plugin, which fails to properly sanitize user-supplied input to the destServer GET parameter. By...

9.3CVSS0.01163EPSS
Exploits0References5
CVE
CVE
added 2025/08/08 6:9 p.m.27 views

CVE-2010-10013

CVE-2010-10013 describes an unauthenticated remote command execution in AjaXplorer (now Pydio Cells) versions before 2.6. The vulnerability resides in the checkInstall.php script of the access.ssh plugin, which fails to sanitize input passed to the destServer GET parameter. By injecting shell met...

9.3CVSS7.7AI score0.01163EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/08/08 12:0 a.m.7 views

PT-2025-32392 · Unknown +1 · Ajaxplorer/Pydio Cells +1

Name of the Vulnerable Software and Affected Versions: AjaXplorer/Pydio Cells versions prior to 2.6 Description: An unauthenticated remote command execution vulnerability exists due to improper sanitization of user-supplied input to the destServer GET parameter within the checkInstall.php script ...

9.3CVSS8.3AI score0.01163EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/05/23 4:10 a.m.10 views

CVE-2023-32751

Pydio Cells through 4.1.2 allows XSS. Pydio Cells implements the download of files using presigned URLs which are generated using the Amazon AWS SDK for JavaScript 1. The secrets used to sign these URLs are hardcoded and exposed through the JavaScript files of the web application. Therefore, it i...

5.4CVSS6.2AI score0.02937EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:50 a.m.9 views

CVE-2023-32749

Pydio Cells allows users by default to create so-called external users in order to share files with them. By modifying the HTTP request sent when creating such an external user, it is possible to assign the new user arbitrary roles. By assigning all roles to a newly created user, access to all...

8.8CVSS6.8AI score0.14197EPSS
Exploits6References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:41 a.m.12 views

CVE-2023-2978

A vulnerability was found in Abstrium Pydio Cells 4.2.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Change Subscription Handler. The manipulation leads to authorization bypass. The exploit has been disclosed to the public and may be use...

4.6CVSS6.8AI score0.00723EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:50 a.m.5 views

CVE-2023-32750

Pydio Cells through 4.1.2 allows SSRF. For longer running processes, Pydio Cells allows for the creation of jobs, which are run in the background. The job "remote-download" can be used to cause the backend to send a HTTP GET request to a specified URL and save the response to a new file. The...

6.5CVSS6.8AI score0.03846EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:53 a.m.7 views

CVE-2023-2981

A vulnerability, which was classified as problematic, has been found in Abstrium Pydio Cells 4.2.0. This issue affects some unknown processing of the component Chat. The manipulation leads to basic cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the...

5.4CVSS6.1AI score0.0067EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:50 a.m.8 views

CVE-2023-2980

A vulnerability classified as critical was found in Abstrium Pydio Cells 4.2.0. This vulnerability affects unknown code of the component User Creation Handler. The manipulation leads to improper control of resource identifiers. The attack can be initiated remotely. The exploit has been disclosed ...

8.8CVSS7.1AI score0.01124EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:49 a.m.5 views

CVE-2023-2979

A vulnerability classified as critical has been found in Abstrium Pydio Cells 4.2.0. This affects an unknown part of the component User Creation Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the publi...

8.8CVSS7AI score0.00807EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:21 p.m.6 views

CVE-2021-41325

Broken access control for user creation in Pydio Cells 2.2.9 allows remote anonymous users to create standard users via the profile parameter. In addition, such users can be granted several admin permissions via the Roles parameter...

6.5CVSS7AI score0.01109EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 6:46 p.m.8 views

CVE-2021-41323

Directory traversal in the Compress feature in Pydio Cells 2.2.9 allows remote authenticated users to overwrite personal files, or Cells files belonging to any user, via the format parameter...

6.5CVSS6.6AI score0.02017EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 5:50 p.m.9 views

CVE-2020-12848

In Pydio Cells 2.0.4, once an authenticated user shares a file selecting the create a public link option, a hidden shared user account is created in the backend with a random username. An anonymous user that obtains a valid public link can get the associated hidden account username and password a...

5.8CVSS6.9AI score0.01105EPSS
Exploits1
Rows per page
Query Builder