Lucene search
K

424 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-38518

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00287EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-5371

Malicious code in bioql PyPI...

6.8CVSS8AI score0.00222EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-52310

Malicious code in bioql PyPI...

9.6CVSS8.1AI score0.0021EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-45810

Malicious code in bioql PyPI...

4.3CVSS5.2AI score0.0029EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-28271

Malicious code in bioql PyPI...

9.3CVSS6.2AI score0.0063EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-28272

Malicious code in bioql PyPI...

9.3CVSS6.2AI score0.0063EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-29646

Malicious code in bioql PyPI...

8.7CVSS5.8AI score0.00919EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-45561

Malicious code in bioql PyPI...

7.1CVSS7AI score0.0042EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:25 a.m.10 views

CVE-2024-52001

Combodo iTop is a simple, web based IT Service Management tool. In affected versions portal users are able to access forbidden services information. This issue has been addressed in version 3.2.0. All users are advised to upgrade. There are no known workarounds for this vulnerability...

4.3CVSS6.8AI score0.0029EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:24 a.m.5 views

CVE-2024-51993

Combodo iTop is a web based IT Service Management tool. An attacker accessing a backup file or the database can read some passwords for misconfigured Users. This issue has been addressed in version 3.2.0 and all users are advised to upgrade. Users unable to upgrade are advised to encrypt their...

3.4CVSS6.5AI score0.0011EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:23 a.m.6 views

CVE-2024-51740

Combodo iTop is a simple, web based IT Service Management tool. This vulnerability can be used to create HTTP requests on behalf of the server, from a low privileged user. The user portal form manager has been fixed to only instantiate classes derived from it. This issue has been addressed in...

8.8CVSS6.7AI score0.00528EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:9 a.m.8 views

CVE-2023-47489

CSV injection in export as csv in Combodo iTop v.3.1.0-2-11973 allows a local attacker to execute arbitrary code via a crafted script to the export-v2.php and ajax.render.php components...

7.8CVSS7.8AI score0.00448EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:9 a.m.8 views

CVE-2023-47488

Cross Site Scripting vulnerability in Combodo iTop v.3.1.0-2-11973 allows a local attacker to obtain sensitive information via a crafted script to the attribmanagerid parameter in the General Information page and the id parameter in the contact page...

6.1CVSS5.7AI score0.01243EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:23 a.m.7 views

CVE-2023-34443

Combodo iTop is a simple, web based IT Service Management tool. When displaying page Run queries Cross-site Scripting XSS are possible for scripts outside of script tags. This has been fixed in versions 2.7.9, 3.0.4, 3.1.0. All users are advised to upgrade. There are no known workarounds for this...

8.8CVSS6.1AI score0.00287EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:20 a.m.7 views

CVE-2023-34444

Combodo iTop is a simple, web based IT Service Management tool. When displaying pages/ajax.searchform.php XSS are possible for scripts outside of script tags. This issue has been fixed in versions 2.7.9, 3.0.4, 3.1.0. All users are advised to upgrade. There are no known workarounds for this...

8.8CVSS6AI score0.00286EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:47 a.m.9 views

CVE-2023-34445

Combodo iTop is a simple, web based IT Service Management tool. When displaying pages/ajax.render.php XSS are possible for scripts outside of script tags. This issue has been fixed in versions 2.7.9, 3.0.4, 3.1.0. All users are advised to upgrade. There are no known workarounds for this...

8.8CVSS6AI score0.00286EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:45 p.m.6 views

CVE-2021-32664

Combodo iTop is an open source web based IT Service Management tool. In affected versions there is a XSS vulnerability on "run query" page when logged as administrator. This has been resolved in versions 2.6.5 and 2.7.5...

8.1CVSS6AI score0.00808EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:34 p.m.7 views

CVE-2021-32775

Combodo iTop is a web based IT Service Management tool. In versions prior to 2.7.4, a non admin user can get access to many class/field values through GroupBy Dashlet error message. This issue is fixed in versions 2.7.4 and 3.0.0...

7.7CVSS6.6AI score0.00779EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:32 p.m.8 views

CVE-2021-32776

Combodo iTop is a web based IT Service Management tool. In versions prior to 2.7.4, CSRF tokens can be reused by a malicious user, as on Windows servers no cleanup is done on CSRF tokens. This issue is fixed in versions 2.7.4 and 3.0.0...

8.8CVSS6.6AI score0.00377EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:19 p.m.9 views

CVE-2021-21407

Combodo iTop is an open source, web based IT Service Management tool. Prior to version 2.7.4, the CSRF token validation can be bypassed through iTop portal via a tricky browser procedure. The vulnerability is patched in version 2.7.4 and 3.0.0...

8CVSS6.8AI score0.00461EPSS
Exploits0References1
Rows per page
Query Builder