Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-53884

Malicious code in bioql PyPI...

9CVSS8.8AI score0.00548EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-53883

Malicious code in bioql PyPI...

7.7CVSS8.9AI score0.00787EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/08 5:18 p.m.5 views

CVE-2024-43779

An information disclosure vulnerability exists in the Vault API functionality of ClearML Enterprise Server 3.22.5-1533. A specially crafted HTTP request can lead to reading vaults that have been previously disabled, possibly leaking sensitive credentials. An attacker can send a series of HTTP...

7.7CVSS6.4AI score0.00787EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/08 5:18 p.m.7 views

CVE-2024-39272

A cross-site scripting xss vulnerability exists in the dataset upload functionality of ClearML Enterprise Server 3.22.5-1533. A specially crafted HTTP request can lead to an arbitrary html code. An attacker can send a series of HTTP requests to trigger this vulnerability...

9CVSS6.2AI score0.00548EPSS
Exploits0References1
NVD
NVD
added 2025/02/06 5:15 p.m.17 views

CVE-2024-43779

An information disclosure vulnerability exists in the Vault API functionality of ClearML Enterprise Server 3.22.5-1533. A specially crafted HTTP request can lead to reading vaults that have been previously disabled, possibly leaking sensitive credentials. An attacker can send a series of HTTP...

7.7CVSS0.00787EPSS
Exploits1References2
OSV
OSV
added 2025/02/06 5:15 p.m.2 views

CVE-2024-43779

An information disclosure vulnerability exists in the Vault API functionality of ClearML Enterprise Server 3.22.5-1533. A specially crafted HTTP request can lead to reading vaults that have been previously disabled, possibly leaking sensitive credentials. An attacker can send a series of HTTP...

6.5CVSS5.8AI score0.00787EPSS
Exploits1References2
OSV
OSV
added 2025/02/06 5:15 p.m.5 views

CVE-2024-39272

A cross-site scripting xss vulnerability exists in the dataset upload functionality of ClearML Enterprise Server 3.22.5-1533. A specially crafted HTTP request can lead to an arbitrary html code. An attacker can send a series of HTTP requests to trigger this vulnerability...

8.2CVSS5.8AI score0.00548EPSS
Exploits0References2
NVD
NVD
added 2025/02/06 5:15 p.m.9 views

CVE-2024-39272

A cross-site scripting xss vulnerability exists in the dataset upload functionality of ClearML Enterprise Server 3.22.5-1533. A specially crafted HTTP request can lead to an arbitrary html code. An attacker can send a series of HTTP requests to trigger this vulnerability...

9CVSS0.00548EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/02/06 4:47 p.m.5 views

CVE-2024-39272

A cross-site scripting xss vulnerability exists in the dataset upload functionality of ClearML Enterprise Server 3.22.5-1533. A specially crafted HTTP request can lead to an arbitrary html code. An attacker can send a series of HTTP requests to trigger this vulnerability...

9CVSS8.7AI score0.00548EPSS
Exploits0References1
CVE
CVE
added 2025/02/06 4:47 p.m.67 views

CVE-2024-39272

CVE-2024-39272 affects ClearML Enterprise Server 3.22.5-1533. The issue is a cross-site scripting (XSS) vulnerability in the dataset upload functionality, allowing an attacker with an existing ClearML account to upload HTML files which can execute JavaScript in the browser of an authenticated use...

9CVSS6.6AI score0.00548EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2025/02/06 4:47 p.m.87 views

CVE-2024-43779

CVE-2024-43779 is a information-disclosure vulnerability in ClearML Enterprise Server 3.22.5-1533. The root cause is that the Vault API can expose disabled vault items, allowing an authenticated user to retrieve vault contents via API requests (notably GET /api/v2.30/users.get_vaults). Cisco Talo...

7.7CVSS6.8AI score0.00787EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/06 4:47 p.m.4 views

CVE-2024-43779

An information disclosure vulnerability exists in the Vault API functionality of ClearML Enterprise Server 3.22.5-1533. A specially crafted HTTP request can lead to reading vaults that have been previously disabled, possibly leaking sensitive credentials. An attacker can send a series of HTTP...

7.7CVSS7.4AI score0.00787EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/02/06 4:47 p.m.21 views

CVE-2024-43779

An information disclosure vulnerability exists in the Vault API functionality of ClearML Enterprise Server 3.22.5-1533. A specially crafted HTTP request can lead to reading vaults that have been previously disabled, possibly leaking sensitive credentials. An attacker can send a series of HTTP...

7.7CVSS0.00787EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/02/06 12:0 a.m.4 views

PT-2025-5836 · Unknown · Clearml Enterprise Server

Name of the Vulnerable Software and Affected Versions: ClearML Enterprise Server version 3.22.5-1533 Description: A cross-site scripting XSS issue exists in the dataset upload functionality. A specially crafted HTTP request can lead to arbitrary HTML code execution. An attacker can send a series ...

9CVSS6AI score0.00548EPSS
Exploits0References5
Rows per page
Query Builder