Lucene search
K

132 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-0210

Malware in sbrugna...

7.5CVSS6.1AI score0.02883EPSS
Exploits0References17
Snyk
Snyk
added 2025/09/22 9:10 p.m.4 views

Unsafe Dependency Resolution

Overview DotNetNuke.Core is a references provider to the DotNetNuke.dll to develop extensions for the DNN Platform. Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the Skin feature. An attacker can cause unauthorized theme loading and potentially execute...

7.3CVSS7.5AI score0.00322EPSS
Exploits0References2
Snyk
Snyk
added 2025/09/22 9:10 p.m.4 views

Unsafe Dependency Resolution

Overview Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the Skin feature. An attacker can cause unauthorized theme loading and potentially execute arbitrary code by supplying crafted query parameters to load unused or outdated themes. Remediation Upgrade...

7.3CVSS7.6AI score0.00322EPSS
Exploits0References2
Fedora
Fedora
added 2025/09/13 2:43 a.m.6 views

[SECURITY] Fedora 41 Update: uv-0.8.11-2.fc41

An extremely fast Python package installer and resolver, written in Rust. Designed as a drop-in replacement for common pip and pip-tools workflows. Highlights: =E2=80=A2 =E2=9A=96=EF=B8=8F Drop-in replacement for common pip, pip-tools, and virtualenv commands. =E2=80=A2 =E2=9A=A1=EF=B8=8F 10-100x...

2.3CVSS6.6AI score0.00303EPSS
Exploits0
Fedora
Fedora
added 2025/09/12 7:32 p.m.6 views

[SECURITY] Fedora 43 Update: uv-0.8.11-2.fc43

An extremely fast Python package installer and resolver, written in Rust. Designed as a drop-in replacement for common pip and pip-tools workflows. Highlights: =E2=80=A2 =E2=9A=96=EF=B8=8F Drop-in replacement for common pip, pip-tools, and virtualenv commands. =E2=80=A2 =E2=9A=A1=EF=B8=8F 10-100x...

2.3CVSS6.6AI score0.00303EPSS
Exploits0
Fedora
Fedora
added 2025/07/10 4:30 p.m.6 views

[SECURITY] Fedora 41 Update: uv-0.7.13-4.fc41

An extremely fast Python package installer and resolver, written in Rust. Designed as a drop-in replacement for common pip and pip-tools workflows. Highlights: =E2=80=A2 =E2=9A=96=EF=B8=8F Drop-in replacement for common pip, pip-tools, and virtualenv commands. =E2=80=A2 =E2=9A=A1=EF=B8=8F 10-100x...

7AI score
Exploits0
Fedora
Fedora
added 2025/07/10 3:22 p.m.8 views

[SECURITY] Fedora 42 Update: uv-0.7.13-4.fc42

An extremely fast Python package installer and resolver, written in Rust. Designed as a drop-in replacement for common pip and pip-tools workflows. Highlights: =E2=80=A2 =E2=9A=96=EF=B8=8F Drop-in replacement for common pip, pip-tools, and virtualenv commands. =E2=80=A2 =E2=9A=A1=EF=B8=8F 10-100x...

7AI score
Exploits0
Snyk
Snyk
added 2025/06/10 9:31 p.m.3 views

Unsafe Dependency Resolution

Overview @nx/azure-cache is an A Nx plugin which provides a Nx cache which can be self hosted on Azure Blob Storage. Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the build cache process. An attacker can inject compromised artifacts into trusted production...

9.9CVSS6.6AI score0.00192EPSS
Exploits0References2
Snyk
Snyk
added 2025/03/20 12:32 p.m.3 views

Unsafe Dependency Resolution

Overview kedro is a Kedro helps you build production-ready data and analytics pipelines Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the pullpackage API function. An attacker can execute arbitrary commands on the victim's machine by exploiting the...

8.8CVSS9AI score0.00986EPSS
Exploits0References2
Snyk
Snyk
added 2025/03/07 4:42 p.m.3 views

Unsafe Dependency Resolution

Overview python-json-logger is a JSON Log Formatter for the Python Logging Package Affected versions of this package are vulnerable to Unsafe Dependency Resolution through the deletion of a critical dependency which could be maliciously claimed by a third party. An attacker can execute arbitrary...

8.8CVSS8.5AI score0.01451EPSS
Exploits1References2
Snyk
Snyk
added 2025/03/04 10:40 p.m.1 views

Unsafe Dependency Resolution

Overview conda-forge-metadata is a programatic access to conda-forge's metadata Affected versions of this package are vulnerable to Unsafe Dependency Resolution due to an unclaimed optional dependency. The package specifies an optional dependency on conda-oci-mirror, which is neither present on t...

10CVSS6.8AI score0.00582EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/03/08 12:0 a.m.19 views

Fedora: Security Advisory for maven-common-artifact-filters (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.2AI score0.02578EPSS
Exploits3References2
Fedora
Fedora
added 2024/03/07 10:33 p.m.28 views

[SECURITY] Fedora 40 Update: maven-resolver-1.9.18-3.fc40

Apache Maven Artifact Resolver is a library for working with artifact repositories and dependency resolution. Maven Artifact Resolver deals with the specification of local repository, remote repository, developer workspaces, artifact transports and artifact resolution...

8.8CVSS9AI score0.02578EPSS
Exploits3
Fedora
Fedora
added 2024/03/07 10:33 p.m.21 views

[SECURITY] Fedora 40 Update: maven-common-artifact-filters-3.3.2-6.fc40

A collection of ready-made filters to control inclusion/exclusion of artifacts during dependency resolution...

8.8CVSS8.3AI score0.02578EPSS
Exploits3
OSV
OSV
added 2024/01/17 12:0 a.m.27 views

ALSA-2024:0265 Important: java-1.8.0-openjdk security and bug fix update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: OpenJDK: array out-of-bounds access due to missing range check in C1 compiler 8314468 CVE-2024-20918 OpenJDK: RSA padding issue and timing side-channel...

7.4CVSS7.3AI score0.01026EPSS
Exploits0References15
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.7 views

Debian: Security Advisory (DLA-1434-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:14 a.m.4 views

SUSE CVE-2006-4112

Unspecified vulnerability in the "dependency resolution mechanism" in Ruby on Rails 1.1.0 through 1.1.5 allows remote attackers to execute arbitrary Ruby code via a URL that is not properly handled in the routing code, which leads to a denial of service application hang or "data loss," a differen...

7.5CVSS7.8AI score0.02883EPSS
Exploits0References4
Rockylinux
Rockylinux
added 2022/12/14 2:7 p.m.15 views

libsolv bug fix and enhancement update

An update is available for libsolv. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libsolv packages provide a library for resolving package dependencies usi...

1.6AI score
Exploits0
Rockylinux
Rockylinux
added 2021/11/09 9:18 a.m.34 views

libsolv security and bug fix update

An update is available for libsolv. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libsolv packages provide a library for resolving package dependencies usi...

4.3CVSS5.7AI score0.01313EPSS
Exploits1
Veracode
Veracode
added 2020/03/02 7:11 a.m.8 views

Man-in-the-Middle (MitM)

ratis is vulnerable to man-in-the-middle MitM. The vulnerability exists as it does not use https when resolving dependencies from the maven repositories...

0.3AI score
Exploits0
Rows per page
Query Builder