Lucene search
K

22 matches found

vulnersOsv
vulnersOsv
added 2026/04/22 6:30 a.m.9 views

cc.chensoul.nacos:nacos-distribution (=2.5.2), cn.sparrowmini:sparrow-org-service (=0.0.1) +625 more potentially affected by CVE-2026-22746 via org.springframework.security:spring-security-core (>=5.8.0 <=5.8.2)

org.springframework.security:spring-security-core MAVEN version =5.8.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =5.12.0, =5.12.0, =1.48.0, =1.48.0, =1.48.0, =2.4.0, =2.4.0, =2.4.0, =2.6.0 and more Source cves: CVE-2026-22746 Source advisory: OSV:GHSA-VXF7-QJ7Q-83FH...

3.7CVSS5.8AI score0.00215EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/20 12:31 a.m.9 views

cc.chensoul.nacos:nacos-distribution (=2.5.2), com.buession.security:buession-security-spring (>=3.0.0 <=3.0.1) +521 more potentially affected by CVE-2026-22732 via org.springframework.security:spring-security-web (>=5.8.0 <=5.8.16)

org.springframework.security:spring-security-web MAVEN version =5.8.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =5.12.0, =5.12.0, =1.48.0, =1.48.0, =1.48.0, =2.4.0, =2.4.0, =2.4.0, =4.5.0, =4.5.0, =4.5.1 and more Source cves: CVE-2026-22732 Source advisory: OSV:GHSA-MF92-479X-3373...

9.1CVSS5.8AI score0.0048EPSS
Exploits2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-4776

Malicious code in bioql PyPI...

9.4CVSS7.8AI score0.00917EPSS
Exploits1References4
vulnersOsv
vulnersOsv
added 2025/06/06 3:49 p.m.8 views

com.erudika:para-jar (>=1.30.0 <=1.50.7), com.erudika:para-war (>=1.24.4 <=1.49.5) potentially affected by CVE-2025-49009 via com.erudika:para-server (>=1.24.4 <=1.50.7)

com.erudika:para-server MAVEN version =1.24.4, =1.30.0, =1.24.4, =1.49.5 Source cves: CVE-2025-49009 Source advisory: OSV:GHSA-QX7G-FX8Q-545G...

6.2CVSS5.8AI score0.00145EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/06/05 5:42 p.m.14 views

com.erudika:para-jar (>=1.30.0 <=1.50.7), com.erudika:para-war (>=1.24.4 <=1.49.5) potentially affected by CVE-2025-49009 via com.erudika:para-server (>=1.24.4 <=1.50.7)

com.erudika:para-server MAVEN version =1.24.4, =1.30.0, =1.24.4, =1.49.5 Source cves: CVE-2025-49009 Source advisory: SNYK:JAVA-COMERUDIKA-10304840...

6.2CVSS5.8AI score0.00145EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 11:5 p.m.8 views

CVE-2022-1848

Business Logic Errors in GitHub repository erudika/para prior to 1.45.11...

9CVSS6.6AI score0.0096EPSS
Exploits1References1
NVD
NVD
added 2022/05/24 1:15 p.m.31 views

CVE-2022-1848

Business Logic Errors in GitHub repository erudika/para prior to 1.45.11...

9CVSS0.0096EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/05/24 1:15 p.m.7 views

CVE-2022-1848

Business Logic Errors in GitHub repository erudika/para prior to 1.45.11...

9CVSS6.8AI score0.0096EPSS
Exploits1References3
Prion
Prion
added 2022/05/24 1:15 p.m.19 views

Code injection

Business Logic Errors in GitHub repository erudika/para prior to 1.45.11...

4.3CVSS5.3AI score0.0096EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2022/05/24 10:40 a.m.96 views

CVE-2022-1848

CVE-2022-1848 affects the Erudika Para project prior to version 1.45.11. Multiple connected sources describe a business logic error, including a race condition in com.erudika:para-core (validateObject) that can allow a user to abuse account/app-related logic. This is documented across sources (Gi...

9CVSS5.6AI score0.0096EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/05/24 10:40 a.m.29 views

CVE-2022-1848 Business Logic Errors in erudika/para

Business Logic Errors in GitHub repository erudika/para prior to 1.45.11...

9CVSS5.6AI score0.0096EPSS
Exploits1References2
OSV
OSV
added 2022/05/24 10:40 a.m.22 views

CVE-2022-1848 Business Logic Errors in erudika/para

Business Logic Errors in GitHub repository erudika/para prior to 1.45.11...

9CVSS7.5AI score0.0096EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/05/24 12:0 a.m.2 views

Erudika Para 安全漏洞

Erudika Para is a command line interface from Erudika Bulgaria. A security vulnerability exists in Erudika Para prior to version 1.45.11 that stems from a business logic error...

9CVSS7.2AI score0.0096EPSS
Exploits1References3
CNVD
CNVD
added 2022/05/20 12:0 a.m.16 views

Erudika Para Cross-Site Scripting Vulnerability

Erudika Para is a command-line interface from the Bulgarian company Erudika. cross-site scripting vulnerability exists in versions prior to Erudika Para v1.45.11, which stems from a function in Utils.java that lacks filtering and escaping for user data. An attacker could use this vulnerability to...

4.3CVSS4.4AI score0.00917EPSS
Exploits1Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/19 12:0 a.m.18 views

Cross-site Scripting in com.erudika:para-core

Cross-site Scripting XSS - Generic in GitHub repository erudika/para prior to v1.45.11...

9.4CVSS1.3AI score0.00917EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2022/05/19 12:0 a.m.4 views

GHSA-PHVW-R25P-8XV7 Cross-site Scripting in com.erudika:para-core

Cross-site Scripting XSS - Generic in GitHub repository erudika/para prior to v1.45.11...

9.4CVSS6.9AI score0.00917EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2022/05/18 3:15 p.m.4 views

CVE-2022-1782

Cross-site Scripting XSS - Generic in GitHub repository erudika/para prior to v1.45.11...

9.4CVSS6.9AI score0.00917EPSS
Exploits1References3
Prion
Prion
added 2022/05/18 3:15 p.m.13 views

Cross site scripting

Cross-site Scripting XSS - Generic in GitHub repository erudika/para prior to v1.45.11...

4.3CVSS6AI score0.00917EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/05/18 9:0 a.m.32 views

CVE-2022-1782 Cross-site Scripting (XSS) - Generic in erudika/para

Cross-site Scripting XSS - Generic in GitHub repository erudika/para prior to v1.45.11...

9.4CVSS6.2AI score0.00917EPSS
Exploits1References2
CVE
CVE
added 2022/05/18 9:0 a.m.99 views

CVE-2022-1782

CVE-2022-1782 affects the GitHub repo erudika/para, with a Cross-site Scripting (XSS) vulnerability in versions prior to v1.45.11. The root cause is described as a data handling flaw in the code path (Utils.java) that fails to filter/escape user input, enabling an attacker to inject JavaScript. I...

9.4CVSS6.2AI score0.00917EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder