Lucene search
K

872 matches found

Tenable Nessus
Tenable Nessus
added 2025/10/24 12:0 a.m.4 views

SUSE SLES15 Security Update : libsoup (SUSE-SU-2025:3752-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:3752-1 advisory. - CVE-2025-11021: Ignored invalid date when processing cookies to prevent out-of-bounds read bsc1250562. Tenable has extracted the preceding...

7.5CVSS7.3AI score0.00594EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/10/23 10:26 a.m.4 views

Security update for libsoup

This update for libsoup fixes the following issues: CVE-2025-11021: Ignored invalid date when processing cookies to prevent out-of-bounds read bsc1250562. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

8.2CVSS7AI score0.00594EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/10/23 10:26 a.m.6 views

Security update for libsoup

This update for libsoup fixes the following issues: CVE-2025-11021: Ignored invalid date when processing cookies to prevent out-of-bounds read bsc1250562. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

8.2CVSS6.9AI score0.00594EPSS
Exploits0References4
OSV
OSV
added 2025/10/23 10:26 a.m.2 views

SUSE-SU-2025:3752-1 Security update for libsoup

This update for libsoup fixes the following issues: - CVE-2025-11021: Ignored invalid date when processing cookies to prevent out-of-bounds read bsc1250562...

7.5CVSS6.9AI score0.00594EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/10/23 12:0 a.m.5 views

PT-2025-43454

In multiple locations, there is a possible background activity launch due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.9AI score0.00072EPSS
Exploits0References5
CNVD
CNVD
added 2025/10/15 12:0 a.m.4 views

Bold Workplanner Insecure Direct Object Reference Vulnerability (CNVD-2025-24045)

Bold Workplanner is an enterprise software for human resource management from the Spanish company Bold Workplanner. Bold Workplanner suffers from an insecure direct object reference vulnerability that can be exploited by an attacker to access the date of current contract details using an...

7.1CVSS6.9AI score0.00234EPSS
Exploits0References1
Hacker One
Hacker One
added 2025/10/13 6:50 p.m.7 views

Nextcloud: BOLA/IDOR in Out-of-Office API allows any authenticated user to read other users' absence data

Summary The Out-of-Office OOO API endpoints at /ocs/v2.php/apps/dav/api/v1/outOfOffice/userId and /ocs/v2.php/apps/dav/api/v1/outOfOffice/userId/now suffer from a Broken Object Level Authorization BOLA vulnerability. Any authenticated user can retrieve the out-of-office data of any other user by...

5.9AI score
Exploits0
Circl
Circl
added 2025/10/10 9:10 p.m.6 views

CVE-2025-62245

creationtimestamp| type| source ---|---|--- 2025-10-10 21:10:04+00:00| seen| Telegram/8uZyiFoeOrHu64JO3fKUzmI8PYeUmmStUf4jYAEat7ZjMU 2025-10-13 20:14:21+00:00| seen| Telegram/LDfuhP-enyhct-bZfjpxgyQZRsCE1h8UxOafSmRbNXMVf6g...

5.1CVSS4.8AI score0.00178EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/10/08 12:0 a.m.5 views

PT-2025-41312

Name of the Vulnerable Software and Affected Versions CCleaner versions 5.33.6162 CCleaner Cloud versions 1.07.3191 Description CCleaner and CCleaner Cloud contained a malicious pre-entry-point loader that redirects execution to a custom loader. This loader decodes an embedded blob into shellcode...

9.3CVSS6.9AI score0.00483EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2005-2507

Malware in sbrugna...

5CVSS6.4AI score0.01293EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2001-0929

Malware in sbrugna...

3.6CVSS6.4AI score0.0041EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-1499

Malware in sbrugna...

8.8CVSS8.8AI score0.01655EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-0386

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.01033EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-0371

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00991EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-3479

Malicious code in bioql PyPI...

4.3CVSS6.6AI score0.01306EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-0382

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00972EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2021-30687

Malicious code in bioql PyPI...

6.5CVSS5.8AI score0.00641EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/10/01 11:17 a.m.5 views

CVE-2025-41096

Insecure Direct Object Reference IDOR vulnerability in BOLD Workplanner in versions prior to 2.5.25 4935b438f9b, consisting of a lack of adequate validation of user input, allowing an authenticated user to access to the dates of the current contract details using unauthorised internal identifiers...

7.1CVSS6.6AI score0.00234EPSS
Exploits0References1
NVD
NVD
added 2025/09/30 11:37 a.m.3 views

CVE-2025-41096

Insecure Direct Object Reference IDOR vulnerability in BOLD Workplanner in versions prior to 2.5.25 4935b438f9b, consisting of a lack of adequate validation of user input, allowing an authenticated user to access to the dates of the current contract details using unauthorised internal identifiers...

7.1CVSS0.00234EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/30 11:16 a.m.6 views

CVE-2025-41096 Insecure Direct Object Reference in GPS BOLD Workplanner

Insecure Direct Object Reference IDOR vulnerability in BOLD Workplanner in versions prior to 2.5.25 4935b438f9b, consisting of a lack of adequate validation of user input, allowing an authenticated user to access to the dates of the current contract details using unauthorised internal identifiers...

7.1CVSS0.00234EPSS
Exploits0References1
Rows per page
Query Builder