Lucene search
K

7 matches found

OpenVAS
OpenVAS
added 2025/02/10 12:0 a.m.4 views

Fedora: Security Advisory (FEDORA-2025-7fd2f66440)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS9.5AI score0.00996EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2025/02/09 12:0 a.m.7 views

Fedora 40 : vaultwarden (2025-7fd2f66440)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-7fd2f66440 advisory. update to 1.33.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested f...

8.1CVSS8.6AI score0.00996EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2025/02/08 12:0 a.m.9 views

Fedora 41 : vaultwarden (2025-41f4056b0e)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-41f4056b0e advisory. update to 1.33.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested f...

8.1CVSS8.6AI score0.00996EPSS
Exploits2References3
NVD
NVD
added 2025/01/27 6:15 p.m.10 views

CVE-2025-24364

vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwardenrs. Attacker with authenticated access to the vaultwarden admin panel can execute arbitrary code in the system. The attacker could then change some settings to use sendmail as mail agent but adjus...

7.2CVSS0.00996EPSS
Exploits1References2
Circl
Circl
added 2025/01/27 5:48 p.m.8 views

CVE-2025-24364

creationtimestamp| type| source ---|---|--- 2025-01-27 17:48:22+00:00| seen| https://infosec.exchange/users/cve/statuses/113901574697474273 2025-01-27 18:16:21+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgqkdgggem2w 2025-01-27 20:11:24+00:00| seen|...

7.2CVSS8.9AI score0.00996EPSS
Exploits1References5
OSV
OSV
added 2025/01/27 5:46 p.m.1 views

CVE-2025-24364 vaultwarden allows RCE in the admin panel

vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwardenrs. Attacker with authenticated access to the vaultwarden admin panel can execute arbitrary code in the system. The attacker could then change some settings to use sendmail as mail agent but adjus...

7.2CVSS9AI score0.00996EPSS
Exploits1References4
CVE
CVE
added 2025/01/27 5:46 p.m.327 views

CVE-2025-24364

CVE-2025-24364 affects vaultwarden (Unofficial Bitwarden server) written in Rust. The vuln requires authenticated access to the vaultwarden admin panel and allows arbitrary code execution by manipulating mail settings to trigger shell commands, with a specially crafted favicon used to embed comma...

7.2CVSS7.6AI score0.00996EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder