Lucene search
K

202 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-35287

Malicious code in bioql PyPI...

5.3CVSS5.7AI score0.00176EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-51091

Malicious code in bioql PyPI...

7.3CVSS6.6AI score0.00262EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2023-1677

Malicious code in bioql PyPI...

4.3CVSS4.7AI score0.00437EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/08/22 9:32 a.m.17 views

CVE-2025-57733

In JetBrains TeamCity before 2025.07.1 sMTP injection was possible allowing modification of email content...

5.5CVSS7.5AI score0.00261EPSS
Exploits0References1
OSV
OSV
added 2025/08/20 10:15 a.m.5 views

CVE-2025-57733

In JetBrains TeamCity before 2025.07.1 sMTP injection was possible allowing modification of email content...

3.8CVSS5.8AI score0.00261EPSS
Exploits0References1
NVD
NVD
added 2025/08/20 10:15 a.m.7 views

CVE-2025-57733

In JetBrains TeamCity before 2025.07.1 sMTP injection was possible allowing modification of email content...

5.5CVSS0.00261EPSS
Exploits0References1
CVE
CVE
added 2025/08/20 9:14 a.m.23 views

CVE-2025-57733

JetBrains TeamCity prior to 2025.07.1 is vulnerable to a sMTP injection that can modify email content. The CVE-2025-57733 entry is corroborated by multiple connected sources, including Red Hat advisory and PT Security, which list TeamCity

5.5CVSS7.5AI score0.00261EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/20 9:14 a.m.4 views

CVE-2025-57733

In JetBrains TeamCity before 2025.07.1 sMTP injection was possible allowing modification of email content...

5.5CVSS6.9AI score0.00261EPSS
Exploits0References1
NVD
NVD
added 2025/08/19 5:15 a.m.31 views

CVE-2025-5417

An insufficient access control vulnerability was found in the Red Hat Developer Hub rhdh/rhdh-hub-rhel9 container image. The Red Hat Developer Hub cluster admin/user, who has standard user access to the cluster, and the Red Hat Developer Hub namespace, can access the rhdh/rhdh-hub-rhel9 container...

6.1CVSS0.00199EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/06/30 5:54 p.m.9 views

electron ASAR Integrity bypass by just modifying the content

electron's ASAR Integrity can be bypass by modifying the content. Impact This only impacts apps that have the embeddedAsarIntegrityValidation and onlyLoadAppFromAsar fuses enabled. Apps without these fuses enabled are not impacted. This issue is specific to Windows, apps using these fuses on macO...

7.8CVSS6.5AI score0.00105EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2025/06/13 12:0 a.m.3 views

Restaurant Table Booking System /admin/add-table.php File Cross-Site Scripting Vulnerability

Restaurant Table Booking System is a restaurant table reservation system. The Restaurant Table Booking System suffers from a cross-site scripting vulnerability that stems from improper handling of the parameter tableno in the file /admin/add-table.php. An attacker could use this vulnerability to...

5.4CVSS6.3AI score0.00247EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:56 a.m.4 views

CVE-2024-6012

The Cost Calculator Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'embed-create-page' and 'embed-insert-pages' functions in all versions up to, and including, 3.2.12. This makes it possible for authenticated attackers, wit...

4.3CVSS6AI score0.00385EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:44 a.m.6 views

CVE-2023-30949

A missing origin validation in Slate sandbox could be exploited by a malicious user to modify the page's content, which could lead to phishing attacks...

5.3CVSS6.8AI score0.00176EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:46 a.m.9 views

CVE-2023-29207

XWiki Commons are technical libraries common to several other top level XWiki projects. The Livetable Macro wasn't properly sanitizing column names, thus allowing the insertion of raw HTML code including JavaScript. This vulnerability was also exploitable via the Documents Macro that is included...

9CVSS7.5AI score0.01393EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:55 p.m.4 views

CVE-2021-37413

GRANDCOM DynWEB before 4.2 contains a SQL Injection vulnerability in the admin login interface. A remote unauthenticated attacker can exploit this vulnerability to obtain administrative access to the webpage, access the user database, modify web content and upload custom files. The backend login...

9.8CVSS7.4AI score0.01813EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:23 p.m.10 views

CVE-2021-24633

The Countdown Block WordPress plugin before 1.1.2 does not have authorisation in the ebwriteblockcss AJAX action, which allows any authenticated user, such as Subscriber, to modify post contents displayed to users...

4.3CVSS6.5AI score0.0065EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:6 a.m.10 views

CVE-2019-13931

A vulnerability has been identified in XHQ All versions V6.0.0.2. The web interface could allow for an an attacker to craft the input in a form that is not expected, causing the application to behave in unexpected ways for legitimate users. Successful exploitation requires for an attacker to be...

5.4CVSS6.3AI score0.00521EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:25 a.m.5 views

CVE-2013-5594

Mozilla Firefox before 25 allows modification of anonymous content of pluginProblem.xml binding...

4.3CVSS6.8AI score0.00683EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:41 a.m.6 views

CVE-2013-2123

The Node access user reference module 6.x-3.x before 6.x-3.5 and 7.x-3.x before 7.x-3.10 for Drupal does not properly restrict access to content containing a user reference field when the author update/delete grants are enabled and the author's user account is deleted, which allows remote attacke...

5.8CVSS7.1AI score0.01309EPSS
Exploits1References1
NVD
NVD
added 2025/04/14 4:15 p.m.15 views

CVE-2025-2572

In WhatsUp Gold versions released before 2024.0.3, a database manipulation vulnerability allows an unauthenticated attacker to modify the contents of WhatsUp.dbo.WrlsMacAddressGroup...

5.6CVSS0.00228EPSS
Exploits0References2
Rows per page
Query Builder