Lucene search
K

265 matches found

NVD
NVD
added 2025/11/20 3:17 p.m.5 views

CVE-2025-40604

Download of Code Without Integrity Check Vulnerability in the SonicWall Email Security appliance loads root filesystem images without verifying signatures, allowing attackers with VMDK or datastore access to modify system files and gain persistent arbitrary code execution...

9.8CVSS0.00168EPSS
Exploits0References1
OSV
OSV
added 2025/11/20 3:17 p.m.2 views

CVE-2025-40604

Download of Code Without Integrity Check Vulnerability in the SonicWall Email Security appliance loads root filesystem images without verifying signatures, allowing attackers with VMDK or datastore access to modify system files and gain persistent arbitrary code execution...

9.8CVSS6AI score
Exploits0References1
Cvelist
Cvelist
added 2025/11/20 12:17 p.m.7 views

CVE-2025-40604

Download of Code Without Integrity Check Vulnerability in the SonicWall Email Security appliance loads root filesystem images without verifying signatures, allowing attackers with VMDK or datastore access to modify system files and gain persistent arbitrary code execution...

0.00168EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/19 12:0 a.m.5 views

PT-2025-47567

Name of the Vulnerable Software and Affected Versions SonicWall Email Security Appliance affected versions not specified Description The SonicWall Email Security appliance downloads root filesystem images without verifying signatures. This allows attackers with VMDK or datastore access to modify...

9.8CVSS7.2AI score0.00168EPSS
Exploits0References10
EUVD
EUVD
added 2025/11/13 10:58 p.m.4 views

EUVD-2025-50833

SpiceDB WriteRelationships fails silently if payload is too big...

6.9CVSS6.1AI score0.0024EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/11/13 11:33 a.m.10 views

CVE-2025-64529

A vulnerability has been identified in the WriteRelationships API of SpiceDB, where large relationship-update requests can be silently dropped when the payload exceeds what the underlying datastore permits. This occurs because the server does not always return an error when processing oversized...

6.9CVSS6.8AI score0.0024EPSS
Exploits0References4
Snyk
Snyk
added 2025/11/10 10:43 p.m.2 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the WriteRelationships function when the exclusion operator is used in the authorization schema and the server is configured with --write-relationships-max-updates-per-call greater...

6.9CVSS6.4AI score0.0024EPSS
Exploits0References2
OSV
OSV
added 2025/11/10 10:28 p.m.9 views

CVE-2025-64529 SpiceDB's WriteRelationships fails silently if payload is too big

SpiceDB is an open source database system for creating and managing security-critical application permissions. In versions prior to 1.45.2, users who use the exclusion operator somewhere in their authorization schema; have configured their SpiceDB server such that...

6.9CVSS6.4AI score0.0024EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-18871

Malware in sbrugna...

6.5CVSS6.5AI score0.00304EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-1550

Malware in sbrugna...

7.5CVSS7.6AI score0.01602EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2008-4264

Malware in sbrugna...

9.3CVSS6.2AI score0.0187EPSS
Exploits1References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2018-7467

Malware in sbrugna...

7.8CVSS7.7AI score0.01035EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2016-0717

Malware in sbrugna...

7.8CVSS7.7AI score0.00423EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/07/01 4:31 p.m.6 views

Moderate: Red Hat Security Advisory: Red Hat Data Grid 8.5.4 security update

An update for Red Hat Data Grid 8 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

5.5CVSS5.8AI score0.00137EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/06/09 12:0 a.m.4 views

PT-2025-26262 · Maven · Org.Geotools:Gt-Wfs-Ng +1

Summary GeoTools Schema class use of Eclipse XSD library to represent schema data structure is vulnerable to XML External Entity XXE exploit. Impact This impacts whoever exposes XML processing with gt-xsd-core involved in parsing, when the documents carry a reference to an external XML schema. Th...

9.9CVSS7.1AI score
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 8:44 a.m.4 views

CVE-2024-23640

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting XSS vulnerability exists in versions prior to 2.23.3 and 2.24.0 that enables an authenticated administrator with workspace-level privileges to store a...

4.8CVSS5.6AI score0.00426EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:56 a.m.5 views

CVE-2023-46255

SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. Prior to version 1.27.0-rc1, when the provided datastore URI is malformed e.g. by having a password which contains : the full URI including the provided password is...

6.5CVSS6.4AI score0.00391EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:14 a.m.12 views

CVE-2023-25157

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language CQL as part of the Web Feature Service WFS and Web Map Service WMS protocols. CQL is...

9.8CVSS6.7AI score0.85247EPSS
Exploits2References1
RedHat Linux
RedHat Linux
added 2024/11/25 4:56 p.m.24 views

Important: Red Hat Security Advisory: Red Hat Data Grid 8.5.2 security update

An update for Red Hat Data Grid 8 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

7.5CVSS6.7AI score0.02015EPSS
Exploits1References4
Veracode
Veracode
added 2024/08/22 7:31 a.m.12 views

Cross Site Scripting (XSS)

ckan is vulnerable to Cross Site Scripting XSS. The vulnerability is caused due to the Datatables view plugin did not properly escape record data coming from the DataStore. This can lead to compromising confidentiality of the system...

6.8CVSS6.5AI score0.00377EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder