Lucene search
K

11 matches found

Vulnrichment
Vulnrichment
added 2026/05/05 11:24 a.m.7 views

CVE-2023-54342 Eclipse Equinox OSGi 3.8-3.18 Console Remote Code Execution

Eclipse Equinox OSGi versions 3.8 through 3.18 contain a remote code execution vulnerability in the console interface that allows unauthenticated attackers to execute arbitrary code by exploiting the fork command functionality. Attackers can establish a telnet connection to the OSGi console,...

9.8CVSS6.7AI score0.00455EPSS
Exploits0References2
OSV
OSV
added 2026/04/10 7:7 a.m.4 views

MAL-2026-2823 Malicious code in @genoma-ui/components (npm)

Malicious package detected. It uses pre/post install scripts to download/execute code and exfiltrate user data via curl from a hardcoded IP. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a5fb9acd5bf2a73c82be9ac19b7c0cad285cfea2a4b6ff69655f61e7e4a0c26c The...

5.8AI score
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-28758

Malware in sbrugna...

9.8CVSS9.2AI score0.00733EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-8801

Malware in sbrugna...

9.8CVSS9.4AI score0.0161EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-1981

Malicious code in bioql PyPI...

8.1CVSS6.4AI score0.00222EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/03 12:0 a.m.2 views

CVE-2025-60449

An information disclosure vulnerability has been discovered in SeaCMS 13.1. The vulnerability exists in the adminsafe.php component located in the /btcoan/ directory. This security flaw allows authenticated administrators to scan and download not only the application’s source code but also...

6.2AI score0.00342EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/04/11 4:5 p.m.15 views

CVE-2023-22635

A download of code without Integrity check vulnerability CWE-494 in FortiClientMac version 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions, 5.6 all versions, 5.4 all versions, 5.2 all versions, 5.0 all versions and 4.0 all versions may allow a local attacker to escalate...

7.3CVSS7AI score0.00121EPSS
Exploits0References1
NVD
NVD
added 2020/11/24 7:15 p.m.23 views

CVE-2020-28332

Barco wePresent WiPG-1600W devices download code without an Integrity Check. Affected Versions: 2.5.1.8, 2.5.0.25, 2.5.0.24, 2.4.1.19. The Barco wePresent WiPG-1600W firmware does not perform verification of digitally signed firmware updates and is susceptible to processing and installing...

9.8CVSS9.7AI score0.01079EPSS
Exploits3References2
OSV
OSV
added 2019/04/02 2:29 p.m.3 views

CVE-2018-1906

IBM InfoSphere Information Server 11.3, 11.5, and 11.7could allow an authenticated user to download code using a specially crafted HTTP request. IBM X-Force ID: 152663...

6.5CVSS5.8AI score
Exploits0References3
Node.js
Node.js
added 2016/12/01 7:33 p.m.44 views

Downloads Resources over HTTP

Overview Affected versions of xd-testing insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution o...

9.3CVSS6.2AI score0.01752EPSS
Exploits0Affected Software1
Ubuntu
Ubuntu
added 2014/01/21 1:46 p.m.59 views

USN-2085-1: HPLIP vulnerabilities

It was discovered that the HPLIP Polkit daemon incorrectly handled temporary files. A local attacker could possibly use this issue to overwrite arbitrary files. In the default installation of Ubuntu 12.04 LTS and higher, this should be prevented by the Yama link restrictions. CVE-2013-6402 It was...

6.8CVSS7.8AI score0.03945EPSS
Exploits1
Rows per page
Query Builder