
256 matches found

NVD
added 2025/02/06 9:15 p.m. · 6 views

CVE-2025-1081

A vulnerability was found in Bharti Airtel Xstream Fiber up to 20250123. It has been rated as problematic. This issue affects some unknown processing of the component WiFi Password Handler. The manipulation leads to use of weak credentials. The attack needs to be done within the local network. Th...

CVSS 3.1 · EPSS 0.00276
Exploits: 0 · References: 4
Cvelist
added 2025/02/06 8:31 p.m. · 18 views

CVE-2025-1081 Bharti Airtel Xstream Fiber WiFi Password weak credentials

A vulnerability was found in Bharti Airtel Xstream Fiber up to 20250123. It has been rated as problematic. This issue affects some unknown processing of the component WiFi Password Handler. The manipulation leads to use of weak credentials. The attack needs to be done within the local network. Th...

CVSS 3.1 · EPSS 0.00276
Exploits: 0 · References: 4
Cvelist
added 2025/01/29 8:0 p.m. · 17 views

CVE-2025-0840 GNU Binutils objdump.c disassemble_bytes stack-based overflow

A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function disassemble_bytes of the file binutils/objdump.c. The manipulation of the argument buf leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...

CVSS 6.3 · EPSS 0.00732
Exploits: 1 · References: 7
NVD
added 2025/01/27 6:15 p.m. · 25 views

CVE-2025-0733

A vulnerability, which was classified as problematic, was found in Postman up to 11.20 on Windows. This affects an unknown part in the library profapi.dll. The manipulation leads to untrusted search path. An attack has to be approached locally. The complexity of an attack is rather high. The...

CVSS 4.5 · EPSS 0.00161
Exploits: 0 · References: 3
CVE
added 2024/12/11 8:0 p.m. · 65 views

CVE-2024-12483

CVE-2024-12483 affects Dromara UJCMS up to version 9.6.3, via an insecure direct object reference in the file path component “/users/id” of the User ID Handler. The vulnerability enables unauthenticated or remote exploitation that leads to an authorization bypass, with attackers able to discover ...

CVSS 6.3 · AI score 4.3 · EPSS 0.03439
Exploits: 3 · References: 4 · Affected Software: 1
Cvelist
added 2024/11/12 2:31 p.m. · 16 views

CVE-2024-11126 Digistar AG-30 Plus Login Page excessive authentication

A vulnerability was found in Digistar AG-30 Plus 2.6b. It has been classified as problematic. Affected is an unknown function of the component Login Page. The manipulation leads to improper restriction of excessive authentication attempts. The complexity of an attack is rather high. The...

CVSS 3.1 · EPSS 0.00284
Exploits: 0 · References: 3
Cvelist
added 2024/11/10 5:31 a.m. · 20 views

CVE-2024-11049 ZKTeco ZKBio Time Image File photo direct request

A vulnerability classified as problematic has been found in ZKTeco ZKBio Time 9.0.1. Affected is an unknown function of the file /authfiles/photo/ of the component Image File Handler. The manipulation leads to direct request. It is possible to launch the attack remotely. The complexity of an atta...

CVSS 6.3 · EPSS 0.00423
Exploits: 0 · References: 4
Vulnrichment
added 2024/11/10 5:31 a.m. · 22 views

CVE-2024-11049 ZKTeco ZKBio Time Image File photo direct request

A vulnerability classified as problematic has been found in ZKTeco ZKBio Time 9.0.1. Affected is an unknown function of the file /authfiles/photo/ of the component Image File Handler. The manipulation leads to direct request. It is possible to launch the attack remotely. The complexity of an atta...

CVSS 6.3 · AI score 6.7 · EPSS 0.00423
Exploits: 0 · References: 4
Vulnrichment
added 2024/11/04 12:31 a.m. · 17 views

CVE-2024-10749 ThinkAdmin Plugs.php script deserialization

A vulnerability, which was classified as critical, was found in ThinkAdmin up to 6.1.67. Affected is the function script of the file /app/admin/controller/api/Plugs.php. The manipulation of the argument uptoken leads to deserialization. It is possible to launch the attack remotely. The complexity...

CVSS 5 · AI score 6.9 · EPSS 0.00506
Exploits: 0 · References: 4
Vulnrichment
added 2024/10/19 3:0 p.m. · 13 views

CVE-2024-10141 jsbroks COCO Annotator Session predictable state

A vulnerability, which was classified as problematic, was found in jsbroks COCO Annotator 0.11.1. This affects an unknown part of the component Session Handler. The manipulation of the argument SECRETKEY leads to predictable from observable state. It is possible to initiate the attack remotely. T...

CVSS 6.3 · AI score 4.3 · EPSS 0.00802
Exploits: 1 · References: 5
NVD
added 2024/10/17 5:15 p.m. · 9 views

CVE-2024-10073

A vulnerability, which was classified as critical, was found in flairNLP flair 0.14.0. Affected is the function ClusteringModel of the file flair\models\clustering.py of the component Mode File Loader. The manipulation leads to code injection. It is possible to launch the attack remotely. The...

CVSS 7.5 · EPSS 0.00537
Exploits: 0 · References: 5
CVE
added 2024/10/17 4:31 p.m. · 44 views

CVE-2024-10073

flairNLP flair 0.14.0 is affected by a code-injection vulnerability in the ClusteringModel function located in flair/models/clustering.py (Mode File Loader). The issue allows remote code execution and is described as high severity; attack complexity is listed as high and exploitation has been dis...

CVSS 7.5 · AI score 5.8 · EPSS 0.00537
Exploits: 0 · References: 5 · Affected Software: 1
Vulnrichment
added 2024/10/17 2:0 p.m. · 12 views

CVE-2005-10003 mikexstudios Xcomic os command injection

A vulnerability classified as critical has been found in mikexstudios Xcomic up to 0.8.2. This affects an unknown part. The manipulation of the argument cmd leads to os command injection. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitabilit...

CVSS 6.3 · AI score 7.5 · EPSS 0.01693
Exploits: 0 · References: 6
Positive Technologies
added 2024/10/17 12:0 a.m. · 4 views

PT-2024-16009 · Flairnlp · Flairnlp

Name of the Vulnerable Software and Affected Versions: flairNLP flair version 0.14.0 Description: A critical vulnerability was found in the function ClusteringModel of the file flair\models\clustering.py of the component Mode File Loader. The manipulation leads to code injection. It is possible to...

CVSS 7.5 · AI score 7.5 · EPSS 0.00537
Exploits: 0 · References: 14
Atlassian
added 2024/10/08 10:25 p.m. · 39 views

Bundled JRE Dependency in Bitbucket Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 8.9.0, 8.19.0, and 9.2.0 of Bitbucket Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.4, allows an unauthenticated attacker to expose assets in your environment susceptible...

CVSS 7.4 · AI score 6.9 · EPSS 0.01136
Exploits: 0
NVD
added 2024/10/04 1:15 p.m. · 35 views

CVE-2024-9513

A vulnerability was found in Netadmin Software NetAdmin IAM up to 3.5 and classified as problematic. Affected by this issue is some unknown functionality of the file /controller/api/Answer/ReturnUserQuestionsFilled of the component HTTP POST Request Handler. The manipulation of the argument...

CVSS 6.3 · EPSS 0.01635
Exploits: 3 · References: 3
Cvelist
added 2024/09/26 5:0 p.m. · 29 views

CVE-2024-9203 Enpass Password Manager sensitive information in memory

A vulnerability, which was classified as problematic, has been found in Enpass Password Manager up to 6.9.5 on Windows. This issue affects some unknown processing. The manipulation leads to cleartext storage of sensitive information in memory. An attack has to be approached locally. The complexit...

CVSS 2.5 · EPSS 0.00136
Exploits: 0 · References: 4
OSV
added 2024/09/21 9:15 a.m. · 10 views

CVE-2024-9048

A vulnerability was found in y_project RuoYi up to 4.7.9. It has been declared as problematic. Affected by this vulnerability is the function SysUserServiceImpl of the file ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java of the component Backend User Import. The...

CVSS 6.1 · AI score 6.1
Exploits: 0 · References: 5
Cvelist
added 2024/09/21 8:31 a.m. · 21 views

CVE-2024-9048 y_project RuoYi Backend User Import SysUserServiceImpl.java SysUserServiceImpl cross site scripting

A vulnerability was found in y_project RuoYi up to 4.7.9. It has been declared as problematic. Affected by this vulnerability is the function SysUserServiceImpl of the file ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java of the component Backend User Import. The...

CVSS 6.3 · EPSS 0.00385
Exploits: 0 · References: 5
OSV
added 2024/09/17 9:30 p.m. · 8 views

GHSA-PWWP-3Q7J-9MX8 Use After Free in MicroPython

A vulnerability was found in MicroPython 1.22.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file py/objarray.c. The manipulation leads to use after free. The attack can be launched remotely. The complexity of an attack is rather high. The...

CVSS 6.3 · AI score 6.5 · EPSS 0.01029
Exploits: 1 · References: 10