Lucene search
K

59 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2024-47680

Malicious code in bioql PyPI...

8.5CVSS6.6AI score0.00143EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.27 views

EUVD-2022-34531

Malicious code in bioql PyPI...

6.2CVSS5.4AI score0.00459EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.26 views

EUVD-2022-34530

Malicious code in bioql PyPI...

9.1CVSS9AI score0.01122EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2024-47679

Malicious code in bioql PyPI...

8.5CVSS6.6AI score0.00302EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:43 a.m.4 views

CVE-2024-6619

In Ocean Data Systems Dream Report, an incorrect permission vulnerability could allow a local unprivileged attacker to escalate their privileges and could cause a denial-of-service...

8.5CVSS6.8AI score0.00143EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:49 p.m.8 views

CVE-2022-2254

A user with administrative privileges in Distributed Data Systems WebHMI 4.1.1.7662 can store a script that could impact other logged in users...

6.2CVSS6.8AI score0.00459EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 9:19 p.m.8 views

CVE-2022-2253

A user with administrative privileges in Distributed Data Systems WebHMI 4.1.1.7662 may send OS commands to execute on the host server...

9.1CVSS7.3AI score0.01122EPSS
Exploits0References1
Fedora
Fedora
added 2025/01/11 1:25 a.m.21 views

[SECURITY] Fedora 40 Update: libxmp-4.6.1-2.fc40

Libxmp is a library that renders module files to PCM data. It supports over 90 mainstream and obscure module formats including Protracker MOD, Scream Tracker 3 S3M, Fast Tracker II XM, and Impulse Tracker IT. Many compressed module formats are supported, including popular Unix, DOS, and Amiga fil...

7.8CVSS7.3AI score0.0056EPSS
Exploits0
NVD
NVD
added 2024/08/13 5:15 p.m.18 views

CVE-2024-6619

In Ocean Data Systems Dream Report, an incorrect permission vulnerability could allow a local unprivileged attacker to escalate their privileges and could cause a denial-of-service...

8.5CVSS0.00143EPSS
Exploits0References1
NVD
NVD
added 2024/08/13 5:15 p.m.31 views

CVE-2024-6618

In Ocean Data Systems Dream Report, a path traversal vulnerability could allow an attacker to perform remote code execution through the injection of a malicious dynamic-link library DLL...

8.5CVSS0.00302EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/13 4:41 p.m.11 views

CVE-2024-6619 Incorrect Permission Assignment for Critical Resource in Ocean Data Systems Dream Report

In Ocean Data Systems Dream Report, an incorrect permission vulnerability could allow a local unprivileged attacker to escalate their privileges and could cause a denial-of-service...

8.5CVSS6.9AI score0.00143EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/13 4:41 p.m.32 views

CVE-2024-6619 Incorrect Permission Assignment for Critical Resource in Ocean Data Systems Dream Report

In Ocean Data Systems Dream Report, an incorrect permission vulnerability could allow a local unprivileged attacker to escalate their privileges and could cause a denial-of-service...

8.5CVSS0.00143EPSS
Exploits0References1
CVE
CVE
added 2024/08/13 4:41 p.m.43 views

CVE-2024-6619

In the provided documents, CVE-2024-6619 is described as an Incorrect Permission Assignment for Critical Resource affecting Ocean Data Systems Dream Report. Affected components are Dream Report 2023 (and AVEVA Reports for Operations 2023) with versions up to 23.0.17795.1010. The root cause is inc...

8.5CVSS6.6AI score0.00143EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/13 4:37 p.m.40 views

CVE-2024-6618 Path Traversal in Ocean Data Systems Dream Report

In Ocean Data Systems Dream Report, a path traversal vulnerability could allow an attacker to perform remote code execution through the injection of a malicious dynamic-link library DLL...

8.5CVSS0.00302EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/13 4:37 p.m.14 views

CVE-2024-6618 Path Traversal in Ocean Data Systems Dream Report

In Ocean Data Systems Dream Report, a path traversal vulnerability could allow an attacker to perform remote code execution through the injection of a malicious dynamic-link library DLL...

8.5CVSS8AI score0.00302EPSS
Exploits0References1
CVE
CVE
added 2024/08/13 4:37 p.m.58 views

CVE-2024-6618

CVE-2024-6618 affects Ocean Data Systems Dream Report (and AVEVA Reports for Operations). The root cause is errors in processing relative paths to directories, enabling path traversal that could allow remote code execution via injection of a malicious DLL. Affected products/versions include Dream...

8.5CVSS7.7AI score0.00302EPSS
Exploits0References1
ICS
ICS
added 2024/08/13 6:0 a.m.31 views

Ocean Data Systems Dream Report

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Ocean Data Systems Equipment : Dream Report 2023 Vulnerabilities : Path Traversal, Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of these...

8.5CVSS7.8AI score0.00302EPSS
Exploits0References10
CNNVD
CNNVD
added 2023/07/06 12:0 a.m.7 views

PiiGAB M-Bus 安全漏洞

PiiGAB M-Bus is a communication protocol from PiiGAB used between meters and centralized data collection systems or prepaid units. A security vulnerability exists in the PiiGAB M-Bus 900S version, which originates from the storage of credentials in clear text...

6.5CVSS6.5AI score0.00405EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/07/03 12:0 a.m.4 views

Knowage 路径遍历漏洞

Knowage is an open source suite for modern business analytics on legacy resources and big data systems from Knowage, Italy. A path traversal vulnerability exists in Knowage versions prior to 6.x.x through 8.1.8, which stems from an authenticated user being able to download a template hosted on th...

6.5CVSS6.5AI score0.00656EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/07/20 2:1 a.m.24 views

CVE-2022-32458 Data Systems Consulting Co., Ltd. BPM - XML External Entity (XXE) Injection

Digiwin BPM has a XML External Entity Injection XXE vulnerability due to insufficient validation for user input. An unauthenticated remote attacker can perform XML injection attack to access arbitrary system files...

7.5CVSS8.1AI score0.00912EPSS
Exploits0References2
Rows per page
Query Builder