Lucene search
K

4722 matches found

OSV
OSV
added 2025/03/31 4:1 p.m.5 views

CGA-7XGJ-C952-CRC5

Bulletin has no description...

4.4CVSS7.2AI score0.00384EPSS
Exploits2
OSV
OSV
added 2025/03/31 4:1 p.m.6 views

CGA-4QF6-VWM8-3RQ3

Bulletin has no description...

7.5CVSS7.2AI score0.00693EPSS
Exploits0
OSV
OSV
added 2025/03/31 4:1 p.m.2 views

CGA-P9J3-HCG8-GQG2

Bulletin has no description...

4.4CVSS7.2AI score0.00384EPSS
Exploits2
OSV
OSV
added 2025/03/31 4:0 p.m.2 views

CGA-P2QF-QX28-FRXJ

Bulletin has no description...

7.5CVSS7.2AI score0.00804EPSS
Exploits0
OSV
OSV
added 2025/03/24 7:15 p.m.5 views

CVE-2025-2746

An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the Staging Sync Server password handling of empty SHA1 usernames in digest authentication. Authentication bypass allows an attacker to control administrative objects.This issue affects Xperience through...

9.8CVSS5.8AI score0.58431EPSS
Exploits1References5
Snyk
Snyk
added 2025/03/24 6:43 p.m.4 views

Missing Critical Step in Authentication

Overview Kentico.Xperience.Libraries is a package for libraries and applications that use Kentico Xperience API. Affected versions of this package are vulnerable to Missing Critical Step in Authentication due to improper handling of empty SHA1 usernames in digest authentication, when the Staging...

9.8CVSS6.9AI score0.58431EPSS
Exploits1References2
Snyk
Snyk
added 2025/03/20 6:47 p.m.1 views

Weak Password Requirements

Overview mlflow is a platform to streamline machine learning development, including tracking experiments, packaging code into reproducible runs, and sharing and deploying models. Affected versions of this package are vulnerable to Weak Password Requirements due to the lack of enforcement on...

5.5CVSS7.3AI score0.00336EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2025/03/14 2:57 a.m.3 views

SUSE CVE-2025-27112

Navidrome is an open source web-based music collection server and streamer. Starting in version 0.52.0 and prior to version 0.54.5, in certain Subsonic API endpoints, a flaw in the authentication check process allows an attacker to specify any arbitrary username that does not exist on the system,...

6.5CVSS7.2AI score0.00936EPSS
Exploits1References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/03/12 8:25 p.m.3 views

Malicious code in array-empty-validator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9923e27ee77980880cfc13a3c78c4903c58bed58f9257ac0407d57841fcc7853 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/03/12 8:25 p.m.4 views

Malicious code in empty-validator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e4f29eb4e06a456c0243473ddb4cf4b5953ab107489b4a79b5f3ccbebf67ebcd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/03/12 8:25 p.m.6 views

Malicious code in empty-array-validator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 349e81874005a4e4ed11f5e452324e817f3fc61d4a22f5237445d562df83fb60 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2025/03/12 8:25 p.m.5 views

MAL-2025-2296 Malicious code in array-empty-validator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9923e27ee77980880cfc13a3c78c4903c58bed58f9257ac0407d57841fcc7853 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2025/03/12 8:25 p.m.6 views

MAL-2025-2307 Malicious code in empty-array-validator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 349e81874005a4e4ed11f5e452324e817f3fc61d4a22f5237445d562df83fb60 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2025/03/12 8:25 p.m.4 views

MAL-2025-2308 Malicious code in empty-validator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e4f29eb4e06a456c0243473ddb4cf4b5953ab107489b4a79b5f3ccbebf67ebcd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/03/11 3:49 a.m.2 views

SUSE CVE-2023-52969

MariaDB Server 10.4 through 10.5., 10.6 through 10.6., 10.7 through 10.11., and 11.0 through 11.0. can sometimes crash with an empty backtrace log. This may be related to makeaggrtablesinfo and optimizestage2...

4.9CVSS7AI score0.00432EPSS
Exploits0References11
OSV
OSV
added 2025/03/08 11:15 p.m.6 views

AZL-58073 CVE-2023-52969 affecting package mariadb for versions less than 10.6.24-1

MariaDB Server 10.4 through 10.5., 10.6 through 10.6., 10.7 through 10.11., and 11.0 through 11.0. can sometimes crash with an empty backtrace log. This may be related to makeaggrtablesinfo and optimizestage2...

4.9CVSS7AI score0.00432EPSS
Exploits0References1
OSV
OSV
added 2025/03/08 11:15 p.m.2 views

DEBIAN-CVE-2023-52969

MariaDB Server 10.4 through 10.5., 10.6 through 10.6., 10.7 through 10.11., and 11.0 through 11.0. can sometimes crash with an empty backtrace log. This may be related to makeaggrtablesinfo and optimizestage2...

4.9CVSS6AI score0.00432EPSS
Exploits0References1
OSV
OSV
added 2025/03/08 11:15 p.m.6 views

AZL-58082 CVE-2023-52969 affecting package mariadb for versions less than 10.11.15-1

MariaDB Server 10.4 through 10.5., 10.6 through 10.6., 10.7 through 10.11., and 11.0 through 11.0. can sometimes crash with an empty backtrace log. This may be related to makeaggrtablesinfo and optimizestage2...

4.9CVSS7AI score0.00432EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/08 12:0 a.m.13 views

CVE-2023-52969

MariaDB Server 10.4 through 10.5., 10.6 through 10.6., 10.7 through 10.11., and 11.0 through 11.0. can sometimes crash with an empty backtrace log. This may be related to makeaggrtablesinfo and optimizestage2...

4.9CVSS7.1AI score0.00432EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/08 12:0 a.m.2 views

MariaDB 安全漏洞

MariaDB is a free and open source database management system from the MariaDB Foundation and a forked version of MySQL with the Maria storage engine. A security vulnerability exists in MariaDB that stems from sometimes crashing due to empty traceback logs, possibly related to makeaggrtablesinfo a...

4.9CVSS5AI score0.00432EPSS
Exploits0References3
Rows per page
Query Builder