Lucene search
K

10 matches found

OSV
OSV
added 2026/05/23 8:16 p.m.14 views

MAL-2026-4381 Malicious code in @digicroz/typed-api-kit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 32c8c3e9ffd3f994b21011084101df521e232c2ee5dbe93fd51f36977549f2dc The exported paymentGateways.pay0Pg.createOrder API does not call pay0.shop directly. Instead, dist/index.js hardcodes a base URL of...

5.9AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/11/07 8:56 p.m.6 views

CVE-2025-12486

Heimdall Data Database Proxy Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Heimdall Data Database Proxy. Minimal user interaction is required to exploit this vulnerability. The specific...

8.8CVSS7.5AI score0.00444EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/06 8:12 p.m.11 views

CVE-2025-12486 Heimdall Data Database Proxy Cross-Site Scripting Remote Code Execution Vulnerability

Heimdall Data Database Proxy Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Heimdall Data Database Proxy. Minimal user interaction is required to exploit this vulnerability. The specific...

8.8CVSS0.00444EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/10/30 12:0 a.m.9 views

Heimdall Data Database Proxy Cross-Site Scripting Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Heimdall Data Database Proxy. Minimal user interaction is required to exploit this vulnerability. The specific flaw exists within the handling of the database event logs. The issue results from the...

8.8CVSS7.8AI score0.00444EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/30 12:0 a.m.9 views

PT-2025-44564

Name of the Vulnerable Software and Affected Versions Heimdall Data Database Proxy affected versions not specified Description This issue allows remote attackers to execute arbitrary code on affected installations of Heimdall Data Database Proxy with minimal user interaction. The flaw resides in...

8.8CVSS7.5AI score0.00444EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2024/08/02 12:31 p.m.10 views

org.apache.inlong:audit-proxy (>=1.10.0 <=1.12.0), org.apache.inlong:dataproxy-dist (>=1.10.0 <=1.12.0) +20 more potentially affected by CVE-2024-36268 via org.apache.inlong:tubemq-core (>=1.10.0 <=1.12.0)

org.apache.inlong:tubemq-core MAVEN version =1.10.0, =1.10.0, =1.10.0, =1.10.0, =1.10.0, =1.10.0, =1.10.0, =1.10.0, =1.10.0, =1.10.0, =1.10.0, =1.10.0, =1.10.0, =1.10.0, =1.10.0, =1.10.0, =1.12.0 and more Source cves: CVE-2024-36268 Source advisory: OSV:GHSA-QFF2-8QW7-HCVW...

9.8CVSS5.8AI score0.01173EPSS
Exploits0
Citrix
Citrix
added 2020/11/09 12:0 a.m.8 views

Self-Service Password Reset Central Store Creation Tool

SSPR Central Store Creation Tool Created Date: Sept 23, 2016 Updated Date: Sept 23, 2016 Where to download ? Certain legacy Citrix tools are now available on request only. Please submit the request here - https://forms.gle/obA39PEz5qpDiSPq8 Once we verify your request, we will provide access to t...

6.7AI score
Exploits0
RedHat Linux
RedHat Linux
added 2020/11/04 7:24 p.m.5 views

cxf: JMX integration is vulnerable to a MITM attack

Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the ‘createMBServerConnectorFactory‘ property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle MITM style attack. An...

5.3CVSS7.4AI score0.06147EPSS
Exploits0References4
CNVD
CNVD
added 2015/05/14 12:0 a.m.4 views

SAP Sybase Unwired Platform Online Data Proxy Information Disclosure Vulnerability

SAP Sybase Unwired Platform is a suite of enterprise-grade mobile application platforms.Online Data Proxy is one of the online data proxy modules. A security vulnerability in SAP Sybase Unwired Platform Online Data Proxy allows a local attacker to exploit the DataVault library to obtain username...

2.1CVSS6.6AI score0.00379EPSS
Exploits0References1
CVE
CVE
added 2015/05/12 8:0 p.m.58 views

CVE-2015-3978

CVE-2015-3978 affects the SAP Sybase Unwired Platform Online Data Proxy. A vulnerability in the DataVault library could allow a local attacker to obtain usernames and passwords, as noted in SAP Security Note 2094830. The CVSS-derived data indicates a local attack with low base severity and partia...

2.1CVSS6.4AI score0.00379EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder