Lucene search
K

1177 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-44381

Malicious code in bioql PyPI...

5.4CVSS6.5AI score0.00403EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-32301

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.0132EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-28043

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.00624EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-2935

Malicious code in bioql PyPI...

5.4CVSS5.4AI score0.01165EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-1887

Malicious code in bioql PyPI...

7.5CVSS7.4AI score0.00549EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-22955

Malicious code in bioql PyPI...

7.5CVSS6.5AI score0.00573EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-57862

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00311EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/15 10:6 a.m.1 views

CVE-2025-9076 Mattermost Server exposes sensitive user credentials during shared channel membership synchronization

Mattermost versions 10.10.x = 10.10.1 fail to properly sanitize user data during shared channel membership synchronization, which allows malicious or compromised remote clusters to access sensitive user information via unsanitized user objects. This vulnerability affects Mattermost Server instanc...

6.5CVSS6.3AI score0.00242EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/04 12:0 a.m.5 views

PT-2025-35926

Name of the Vulnerable Software and Affected Versions: appRain CMF version 4.0.5 Description: A stored authenticated cross-site scripting XSS issue exists due to insufficient validation of user-supplied data. The vulnerability is triggered through the dataAddonlayouts and dataAddonlayouts except...

5.4CVSS5.3AI score0.00162EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2025/08/08 12:0 a.m.10 views

The vulnerability of the system() function in the bin/goahead software for D-Link DIR-816 A2 wireless routers allows a hacker to execute arbitrary code.

The vulnerability of the system function in the bin/goahead microprogramming software for D-Link DIR-816 A2 wireless routers is related to the lack of measures taken to clean data at the control level. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS5.9AI score0.00891EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/08/04 12:0 a.m.9 views

The vulnerability of the wsConvertPpt component in the Chamilo LMS e-learning and content management system allows a hacker to execute arbitrary commands.

The vulnerability of the wsConvertPpt component in the Chamilo LMS e-learning and content management system is related to the lack of measures taken to clean data at the administrative level. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

10CVSS8.3AI score0.99192EPSS
Exploits9References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/30 12:0 a.m.6 views

The vulnerability of the PAN-OS operating system, related to the lack of measures for cleaning incoming data, allows attackers to compromise the integrity of protected information.

The vulnerability of the PAN-OS operating system is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability can allow a remote attacker to compromise the integrity of the protected information...

4CVSS5.5AI score0.00371EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/07/21 12:0 a.m.5 views

PT-2025-30330 · Unknown · Livehelperchat

Name of the Vulnerable Software and Affected Versions: Live Helper Chat version 4.60 Description: A stored cross-site scripting XSS vulnerability exists in Live Helper Chat version 4.60. This allows attackers to execute arbitrary web scripts or HTML by injecting a crafted payload into the Telegra...

5.4CVSS5.5AI score0.00872EPSS
Exploits4References6
Positive Technologies
Positive Technologies
added 2025/07/18 12:0 a.m.3 views

PT-2025-30100 · Unknown · Food Ordering Review System

Name of the Vulnerable Software and Affected Versions: code-projects Food Ordering Review System version 1.0 Description: A critical vulnerability exists in the Food Ordering Review System. The vulnerability affects unknown code within the /pages/signup function.php file. Manipulation of the fnam...

9.8CVSS7.5AI score0.00399EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2025/07/18 12:0 a.m.8 views

PT-2025-30070 · Unknown · Agorum Core Open

Name of the Vulnerable Software and Affected Versions: agorum core open versions 11.9.2 and 11.10.1 Description: The software contains an XML External Entity XXE issue via the RSSReader endpoint. Attackers can potentially access sensitive data by providing a crafted XML input. Recommendations: Fo...

6.5CVSS6.3AI score0.00214EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2025/07/07 12:0 a.m.6 views

The vulnerability of the formBSSetSitesurvey() function (/goform/formBSSetSitesurvey) in the Wi-Fi range expansion software by Belkin F9K1122 allows a intruder to execute arbitrary commands.

The vulnerability of the formBSSetSitesurvey function /goform/formBSSetSitesurvey of the Belkin F9K1122 Wi-Fi range extender software is related to the lack of measures taken at the control level for data cleaning. Exploiting this vulnerability could allow a remote attacker to execute arbitrary...

6.5CVSS6.9AI score0.13474EPSS
Exploits1References5Affected Software1
Packet Storm News
Packet Storm News
added 2025/07/06 12:0 a.m.8 views

Model Inversion Attacks on Llama 3: Extracting PII from Large Language Models

Large language models LLMs have transformed natural language processing, but their ability to memorize training data poses significant privacy risks. This paper investigates model inversion attacks on the Llama 3.2 model, a multilingual LLM developed by Meta. By querying the model with carefully...

6.7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/07/04 12:0 a.m.6 views

The vulnerability of the Command Execution function in the file manager for managing files and directories in the File Browser allows a hacker to gain access to read and modify files.

The vulnerability of the Command Execution function in the file manager and File Browser web manager is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to read and modify files...

8CVSS5.7AI score0.00885EPSS
Exploits1References3Affected Software1
Drupal
Drupal
added 2025/06/25 12:0 a.m.20 views

Paragraphs table - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-084

Project Paragraphs table provides a field for a collection table. The module doesn't sufficiently sanitise certain data attributes allowing Cross Site Scripting XSS attacks. This vulnerability is mitigated by the fact that an attacker must have a role with permission to enter HTML tags containing...

5.4CVSS5.4AI score0.00186EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/06/23 12:0 a.m.6 views

The vulnerability of the `easy_uci_set_option_string_0()` function in the `/cgi-bin/lighttpd.cgi` file of the LB-LINK BL-AC3600 router’s microprogramming system allows a hacker to execute arbitrary code.

The vulnerability of the easyucisetoptionstring0 function in the /cgi-bin/lighttpd.cgi file of the LB-LINK BL-AC3600 router microprogramming system is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability could allow an attacker operating...

6.5CVSS6.9AI score0.01921EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder