Lucene search
+L

49 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-6860

Malicious code in bioql PyPI...

7.1CVSS6.8AI score0.0051EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-43903

Malicious code in bioql PyPI...

7.8CVSS7.4AI score0.00736EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-37323

Malicious code in bioql PyPI...

7.8CVSS7.7AI score0.02748EPSS
Exploits2References1
Rosalinux
Rosalinux
added 2025/08/06 8:30 a.m.6 views

Advisory ROSA-SA-2025-2940

Software: exfatprogs 1.2.9 OS: ROSA-CHROME unaffected versions = exfatprogs-1.2.9-1 affected versions exfatprogs-1.2.9-1 CVE-ID: CVE-2023-45897 BDU-ID: 2024-03156 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the readfiledentryset function of the exfatprogs user-space utility is related to readi...

5.5CVSS5.2AI score0.00381EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2025/06/09 12:0 a.m.8 views

PT-2025-24579 · Amd · Amd Versal Adaptive Soc

Name of the Vulnerable Software and Affected Versions: AMD Versal Adaptive SoC devices affected versions not specified Description: The issue arises from the incorrect configuration of the Secure Stream Switch SSS during runtime, specifically after the system has booted, which could cause data to...

3.2CVSS6AI score0.00126EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/05/29 4:36 p.m.20 views

CVE-2025-46722 vLLM has a Weakness in MultiModalHasher Image Hashing Implementation

vLLM is an inference and serving engine for large language models LLMs. In versions starting from 0.7.0 to before 0.9.0, in the file vllm/multimodal/hasher.py, the MultiModalHasher class has a security and data integrity issue in its image hashing method. Currently, it serializes PIL.Image.Image...

4.2CVSS0.00266EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 10:9 a.m.8 views

CVE-2024-28167

SAP Group Reporting Data Collection does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation, specific data can be changed via the Enter Package Data app although the user does not have sufficient authorization...

6.5CVSS7.3AI score0.00364EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:28 a.m.8 views

CVE-2022-48287

The HwContacts module has a logic bypass vulnerability. Successful exploitation of this vulnerability may affect data integrity...

7.5CVSS6.9AI score0.00362EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 9:13 p.m.12 views

CVE-2021-36751

ENC DataVault 7.2.3 and before, and OEM versions, use an encryption algorithm that is vulnerable to data manipulation without knowledge of the key. This is called ciphertext malleability. There is no data integrity mechanism to detect this manipulation...

6.4CVSS6.8AI score0.00486EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/22 6:25 p.m.3 views

CVE-2025-31327 OData meta-data property entity tampering in SAP Field Logistics

SAP Field Logistics Manage Logistics application OData meta-data property is vulnerable to data tampering, due to which certain fields could be externally modified by an attacker causing low impact on integrity of the application. Confidentiality and availability are not impacted...

4.3CVSS7AI score0.00238EPSS
Exploits0References2
OSV
OSV
added 2025/03/20 10:15 a.m.6 views

CVE-2024-11301

In lunary-ai/lunary before version 1.6.3, the application allows the creation of evaluators without enforcing a unique constraint on the combination of projectId and slug. This allows an attacker to overwrite existing data by submitting a POST request with the same slug as an existing evaluator...

6.5CVSS7AI score0.00535EPSS
Exploits1References2
CVE
CVE
added 2025/03/20 10:10 a.m.47 views

CVE-2024-11301

CVE-2024-11301 affects lunary-ai/lunary prior to 1.6.3. The issue is the absence of a unique constraint on the combination of projectId and slug when creating evaluators, allowing an attacker to overwrite an existing evaluator by submitting a POST with the same slug. This leads to data integrity ...

6.5CVSS6.4AI score0.00535EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2025/03/20 10:10 a.m.10 views

CVE-2024-11301 Improper Enforcement of Unique Constraint in lunary-ai/lunary

In lunary-ai/lunary before version 1.6.3, the application allows the creation of evaluators without enforcing a unique constraint on the combination of projectId and slug. This allows an attacker to overwrite existing data by submitting a POST request with the same slug as an existing evaluator...

6.5CVSS0.00535EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2022-28199

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA's distribution of the Data Plane Development Kit MLNXDPDK contains a vulnerability in the network stack, where error recovery is not handled properly,...

8.6CVSS7.1AI score0.0188EPSS
Exploits0References2
OSV
OSV
added 2025/02/18 8:15 p.m.2 views

DEBIAN-CVE-2024-45781

A flaw was found in grub2. When reading a symbolic link's name from a UFS filesystem, grub2 fails to validate the string length taken as an input. The lack of validation may lead to a heap out-of-bounds write, causing data integrity issues and eventually allowing an attacker to circumvent secure...

6.7CVSS6.3AI score0.00243EPSS
Exploits0References1
Rosalinux
Rosalinux
added 2025/01/28 7:26 p.m.24 views

Advisory ROSA-SA-2025-2655

Software: webkit4 2.44.1 OS: ROSA-CHROME packageevrstring: webkit4-2.44.1-1 CVE-ID: CVE-2023-28198 BDU-ID: 2023-04538 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the macOS operating system WebKit web page display module is associated with a post-release exploit error. Exploitation of the...

9.8CVSS9.5AI score0.01356EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2025/01/28 1:19 a.m.12 views

Moderate: Red Hat Security Advisory: bzip2 security and bug fix update

An update for bzip2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

9.8CVSS6.7AI score0.0812EPSS
Exploits0References3
OSV
OSV
added 2025/01/28 12:0 a.m.22 views

ALSA-2025:0733 Moderate: bzip2 security update

The bzip2 packages contain a freely available, high-quality data compressor. It provides both standalone compression and decompression utilities, as well as a shared library for use with other programs. Security Fixes: bzip2: bzip2: Data integrity error when decompressing with data integrity test...

9.8CVSS7.2AI score0.0812EPSS
Exploits0References4
Redos
Redos
added 2024/12/20 12:0 a.m.15 views

ROS-20241220-01

A vulnerability in the password verification function of the PHP programming language is related to insufficient calculation of the password hash. password hash. Exploitation of the vulnerability allows an attacker to affect data integrity...

8.1CVSS7AI score0.00944EPSS
Exploits1
Huntr
Huntr
added 2024/11/15 5:26 a.m.4 views

Lack of unique constraint validation allows overwriting evaluators

Description The application allows the creation of evaluators without enforcing a unique constraint on the combination of projectId and slug. This allows an attacker to overwrite existing data by submitting a POST request with the same slug as an existing evaluator. Since the backend lacks databa...

6.5CVSS6.7AI score0.00535EPSS
Exploits1
Rows per page
Query Builder