Lucene search
K

11 matches found

Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.17 views

PT-2026-38648

Name of the Vulnerable Software and Affected Versions electerm versions 3.x and earlier Description The getConstants IPC handler in src/app/lib/ipc-sync.js serializes the entire process.env object and sends it to the renderer, where it is stored as window.pre.env. This data is accessible to any...

6.5CVSS5.8AI score0.00103EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.18 views

EUVD-2025-16160

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00302EPSS
Exploits0References2
NVD
NVD
added 2025/05/22 3:16 p.m.10 views

CVE-2025-45471

Insecure permissions in measure-cold-start v1.4.1 allows attackers to escalate privileges and compromise the customer cloud account...

8.8CVSS0.00343EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/05/22 12:0 a.m.8 views

CVE-2025-45471

Insecure permissions in measure-cold-start v1.4.1 allows attackers to escalate privileges and compromise the customer cloud account...

0.00343EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/05/22 12:0 a.m.6 views

CVE-2025-45468

Insecure permissions in fc-stable-diffusion-plus v1.0.18 allows attackers to escalate privileges and compromise the customer cloud account...

8.8AI score0.00302EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/22 12:0 a.m.26 views

CVE-2025-45472

Insecure permissions in autodeploy-layer v1.2.0 allows attackers to escalate privileges and compromise the customer cloud account...

0.00302EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/22 12:0 a.m.5 views

CVE-2025-45472

Insecure permissions in autodeploy-layer v1.2.0 allows attackers to escalate privileges and compromise the customer cloud account...

8.8AI score0.00302EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/22 12:0 a.m.6 views

CVE-2025-45471

Insecure permissions in measure-cold-start v1.4.1 allows attackers to escalate privileges and compromise the customer cloud account...

8.8AI score0.00343EPSS
Exploits1References2
CVE
CVE
added 2025/05/22 12:0 a.m.51 views

CVE-2025-45472

The CVE-2025-45472 entry covers insecure permissions in autodeploy-layer v1.2.0, enabling privilege escalation that could compromise the customer cloud account. Multiple sources corroborate that the issue is tied to improper access controls in autodeploy-layer and that it affects at least version...

8.8CVSS6.8AI score0.00302EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/05/22 12:0 a.m.11 views

PT-2025-22511 · Unknown · Autodeploy-Layer

Name of the Vulnerable Software and Affected Versions: autodeploy-layer version 1.2.0 Description: The issue is related to insecure permissions, allowing attackers to escalate privileges and compromise the customer cloud account. Recommendations: For autodeploy-layer version 1.2.0, consider...

8.8CVSS6.4AI score0.00302EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2021/05/19 8:16 p.m.57 views

Microsoft, Google Clouds Hijacked for Gobs of Phish

Threat actors are cashing in on the rapid shift to cloud-based business services during the pandemic, by hiding behind ubiquitous, trusted services from Microsoft and Google to make their email phishing scams look legit. And it’s working. In fact, in the first three months of 2021 alone,...

7AI score
Exploits0References7
Rows per page
Query Builder