
74 matches found

EUVD
added 2025/10/07 12:30 a.m. · 5 views

EUVD-2017-8599

Malware in sbrugna...

CVSS 8.8 · AI score 8.7 · EPSS 0.00582
Exploits: 0 · References: 3
EUVD
added 2025/10/07 12:30 a.m. · 7 views

EUVD-2018-7667

Malware in sbrugna...

CVSS 7.8 · AI score 7.7 · EPSS 0.00341
Exploits: 0 · References: 2
EUVD
added 2025/10/07 12:30 a.m. · 7 views

EUVD-2006-0751

Malware in sbrugna...

CVSS 7.2 · AI score 6.4 · EPSS 0.01099
Exploits: 4 · References: 23
EUVD
added 2025/10/03 8:7 p.m. · 11 views

EUVD-2022-35333

Malicious code in bioql PyPI...

CVSS 6.8 · AI score 6.6 · EPSS 0.00563
Exploits: 1 · References: 1
EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2022-24956

Malicious code in bioql PyPI...

CVSS 7.5 · AI score 7.6 · EPSS 0.00778
Exploits: 0 · References: 1
Positive Technologies
added 2025/08/27 12:0 a.m. · 6 views

PT-2025-34875 · Totolink · Totolink T10

Name of the Vulnerable Software and Affected Versions: TOTOLINK T10 version 4.1.8cu.5241 B20210927 Description: A vulnerability exists in TOTOLINK T10 version 4.1.8cu.5241 B20210927 related to improper authentication. The issue is located in the /formLoginAuth.htm file and involves the manipulati...

CVSS 7.5 · AI score 7 · EPSS 0.09214
Exploits: 0 · References: 8
RedhatCVE
added 2025/05/23 9:28 a.m. · 8 views

CVE-2024-31802

DESIGNA ABACUS v.18 and before allows an attacker to bypass the payment process via a crafted QR code...

CVSS 6.3 · AI score 6.8 · EPSS 0.00333
Exploits: 0 · References: 1
RedhatCVE
added 2025/02/05 3:29 a.m. · 7 views

CVE-2024-45300

alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups. Prior to version 2.0-M5, a race condition allows the user to bypass the limit on the number of promo codes and use the discount coupon multiple times. In "alf.io", an event organizer can apply...

CVSS 7.5 · AI score 7 · EPSS 0.0042
Exploits: 1 · References: 1
RedhatCVE
added 2025/02/04 10:53 p.m. · 6 views

CVE-2024-26131

Element Android is an Android Matrix Client. Element Android version 1.4.3 through 1.6.10 is vulnerable to intent redirection, allowing a third-party malicious application to start any internal activity by passing some extra parameters. Possible impact includes making Element Android display an...

CVSS 8.4 · AI score 6.9 · EPSS 0.00473
Exploits: 0 · References: 1
Rapid7 Blog
added 2024/12/04 3:45 p.m. · 19 views

Black Basta Ransomware Campaign Drops Zbot, DarkGate, and Custom Malware

Executive Summary Beginning in early October, Rapid7 has observed a resurgence of activity related to the ongoing social engineering campaign being conducted by Black Basta ransomware operators. Rapid7 initially reported the discovery of the novel social engineering campaign back in May, 2024,...

AI score 8.5
Exploits: 0
Nextcloud
added 2023/12/18 8:25 a.m. · 34 views

App PIN code can be bypassed in Files iOS

None...

CVSS 4.3 · AI score 4.8 · EPSS 0.00288
Exploits: 0 · References: 2 · Affected Software: 1
FreeBSD
added 2023/09/28 12:0 a.m. · 50 views

Gitlab -- vulnerabilities

Attacker can add other projects policy bot as member to their own project and use that bot to trigger pipelines in victims project; Group import allows impersonation of users in CI pipelines; Developers can bypass code owners approval by changing a MR's base branch; Leaking source code of restricted...

CVSS 8.8 · AI score 6.8 · EPSS 0.01094
Exploits: 0 · References: 1
Vulnrichment
added 2023/04/14 12:0 a.m. · 7 views

CVE-2022-45174

An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Bypass of Two-Factor Authentication for SAML Users can occur under the /login/backupcode endpoint and the /api/v1/vdeskintegration/challenge endpoint. The correctness of the TOTP is not checked properly, and can be bypassed by...

AI score 7.2 · EPSS 0.01033
Exploits: 1 · References: 1
CVE
added 2022/09/28 7:11 p.m. · 86 views

CVE-2022-36781

CVE-2022-36781 affects ConnectWise ScreenConnect versions 22.6 and below. The root cause is inadequate rate-limiting on custom access tokens in the default configuration, enabling potential brute-force attempts to gain unauthorized access to session code protections. Multiple connected sources co...

CVSS 5.3 · AI score 5.4 · EPSS 0.00457
Exploits: 0 · References: 1 · Affected Software: 1
Prion
added 2021/06/09 12:15 p.m. · 24 views

Design/Logic Flaw

Potential speculative code store bypass in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution of overwritten instructions, may cause an incorrect speculation and could result in data leakage...

CVSS 2.1 · AI score 6.4 · EPSS 0.00328
Exploits: 0 · References: 1 · Affected Software: 1
Debian CVE
added 2021/06/09 11:23 a.m. · 23 views

CVE-2021-26313

Potential speculative code store bypass in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution of overwritten instructions, may cause an incorrect speculation and could result in data leakage...

CVSS 5.5 · AI score 3.9 · EPSS 0.00328
Exploits: 0
Kaspersky
added 2021/03/02 12:0 a.m. · 474 views

KLA12106 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions, spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A heap buff...

CVSS 8.8 · AI score 9.3 · EPSS 0.26525
Exploits: 25 · References: 4
OSV
added 2020/09/10 2:15 a.m. · 3 views

CVE-2020-24655

A race condition in the Twilio Authy 2-Factor Authentication application before 24.3.7 for Android allows a user to potentially approve/deny an access request prior to unlocking the application with a PIN on older Android devices effectively bypassing the PIN requirement...

CVSS 5.1 · AI score 6.1
Exploits: 0 · References: 1
Cvelist
added 2019/04/30 8:30 p.m. · 19 views

CVE-2019-3933

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to bypass the presentation code simply by requesting /images/browserslide.jpg via HTTP. A remote, unauthenticated attacker can use this vulnerability to watch a slideshow without knowing the access code...

AI score 5.5 · EPSS 0.0595
Exploits: 1 · References: 1
OSV
added 2018/10/27 9:45 a.m. · 11 views

MGASA-2018-0419 Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on the upstream 4.14.78 and adds additional fixes for the L1TF security issues. It also fixes at least the following security issues: Linux kernel from versions 3.9 and up, is vulnerable to a denial of service attack with low rates of specially modified packets...

CVSS 8.3 · AI score 8.1 · EPSS 0.24575
Exploits: 8 · References: 11