Lucene search
K

24 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:23 p.m.9 views

CVE-2026-35462

Papra is a minimalistic document management and archiving platform. Prior to 26.4.0, API keys with an expiresAt date are never validated against the current time during authentication. Any API key — regardless of its expiration date — is accepted indefinitely, allowing a user whose key has expire...

4.3CVSS5.5AI score0.00239EPSS
Exploits1References1
Snyk
Snyk
added 2026/03/27 3:23 a.m.2 views

Malicious Package

Overview react-expiry-date is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.9AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/07 12:0 a.m.6 views

PT-2026-1563

Name of the Vulnerable Software and Affected Versions MoneySpace plugin for WordPress versions prior to 2.13.9 Description The MoneySpace plugin for WordPress exhibits a sensitive information exposure issue. The plugin stores complete payment card details – including Primary Account Number PAN,...

8.6CVSS6.6AI score0.00372EPSS
Exploits0References12
Debian
Debian
added 2025/12/12 9:34 a.m.16 views

[SECURITY] [DLA 4403-1] tzdata new timezone database

------------------------------------------------------------------------- Debian LTS Advisory DLA-4403-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort December 12, 2025 https://wiki.debian.org/LTS -...

6.8AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-31736

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.0025EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/10/01 12:42 a.m.12 views

CVE-2025-52050

In Frappe ERPNext 15.57.5, the function getloyaltyprogramdetailswithpoints at erpnext/accounts/doctype/loyaltyprogram/loyaltyprogram.py is vulnerable to SQL Injection, which allows an attacker to extract all information from databases by injecting a SQL query into the expirydate parameter...

6.5CVSS7.3AI score0.0025EPSS
Exploits1References1
NVD
NVD
added 2025/09/30 2:15 p.m.5 views

CVE-2025-52050

In Frappe ERPNext 15.57.5, the function getloyaltyprogramdetailswithpoints at erpnext/accounts/doctype/loyaltyprogram/loyaltyprogram.py is vulnerable to SQL Injection, which allows an attacker to extract all information from databases by injecting a SQL query into the expirydate parameter...

6.5CVSS0.0025EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/09/30 12:0 a.m.7 views

PT-2025-39992

Name of the Vulnerable Software and Affected Versions Frappe ERPNext version 15.57.5 Description The get loyalty program details with points function located at erpnext/accounts/doctype/loyalty program/loyalty program.py is susceptible to SQL Injection. An attacker can inject a SQL query into the...

6.5CVSS7.3AI score0.0025EPSS
Exploits1References7
OSV
OSV
added 2025/09/30 12:0 a.m.4 views

CVE-2025-52050

In Frappe ERPNext 15.57.5, the function getloyaltyprogramdetailswithpoints at erpnext/accounts/doctype/loyaltyprogram/loyaltyprogram.py is vulnerable to SQL Injection, which allows an attacker to extract all information from databases by injecting a SQL query into the expirydate parameter...

6.5CVSS7.3AI score0.0025EPSS
Exploits1References4
CVE
CVE
added 2025/09/30 12:0 a.m.15 views

CVE-2025-52050

CVE-2025-52050 affects Frappe ERPNext 15.57.5. The vulnerability is in function get_loyalty_program_details_with_points() (loyalty_program.py) and is caused by SQL injection via the expiry_date parameter, allowing an attacker to extract all information from databases. The connected documents prov...

6.5CVSS6.9AI score0.0025EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2025/09/30 12:0 a.m.11 views

CVE-2025-52050

In Frappe ERPNext 15.57.5, the function getloyaltyprogramdetailswithpoints at erpnext/accounts/doctype/loyaltyprogram/loyaltyprogram.py is vulnerable to SQL Injection, which allows an attacker to extract all information from databases by injecting a SQL query into the expirydate parameter...

0.0025EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/09/30 12:0 a.m.5 views

Frappe Technologies Frappe 安全漏洞

Frappe Technologies Frappe is a Python, Mariadb-based web development framework with integrated front-end pages from Frappe Technologies, India. A security vulnerability exists in Frappe Technologies Frappe version 15.57.5, which stems from insufficient validation of the expirydate parameter and...

6.5CVSS7.6AI score0.0025EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/09/30 12:0 a.m.3 views

CVE-2025-52050

In Frappe ERPNext 15.57.5, the function getloyaltyprogramdetailswithpoints at erpnext/accounts/doctype/loyaltyprogram/loyaltyprogram.py is vulnerable to SQL Injection, which allows an attacker to extract all information from databases by injecting a SQL query into the expirydate parameter...

6.9AI score0.0025EPSS
Exploits1References2
OSV
OSV
added 2025/06/13 1:31 a.m.5 views

MAL-2025-5051 Malicious code in react-expiry-date (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 744273ea7bca5335d9f20514a81c835c0cad1558b2b206721aed050a41f0acea Any computer that has this package installed or running should be considered...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/06/13 1:31 a.m.7 views

Malicious code in react-expiry-date (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 744273ea7bca5335d9f20514a81c835c0cad1558b2b206721aed050a41f0acea Any computer that has this package installed or running should be considered...

5.8AI score
Exploits0References1
Citrix
Citrix
added 2020/01/13 12:0 a.m.6 views

Error: The CSS expiry date in your license does not support this product version

After upgrading XenDesktop, error can be seen in Studio: "The Customer Success Services CSS expiry date in your license does not support this product version. This product version is not supported by licenses that are available on the License Server and connections cannot be made. Renew Customer...

7AI score
Exploits0
CNVD
CNVD
added 2018/09/25 12:0 a.m.4 views

PhonePe Information Disclosure Vulnerability

PhonePe wallet a.k.a. com.PhonePe.app application for Android is an Android-based cashless payment application by Phonepe Private India. A security vulnerability exists in versions 3.0.6 through 3.3.26 of the PhonePe Wallet application for Android-based platforms. The vulnerability can be exploit...

5.3CVSS5.5AI score0.01063EPSS
Exploits0References1
OSV
OSV
added 2018/09/23 10:29 p.m.3 views

CVE-2018-17402

The PhonePe wallet aka com.PhonePe.app application 3.0.6 through 3.3.26 for Android might allow attackers to discover the Credit/Debit card number, expiration date, and CVV number. NOTE: the vendor says that, to exploit this, the user has to explicitly install a malicious app and provide...

5.3CVSS5.8AI score0.01063EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2012/01/17 12:0 a.m.37 views

op5 Monitor Persistent Session Cookie

The remote web server has a version of op5 Monitor that improperly handles session cookies. The application sets an expiry date on cookies, causing logins to persist across sessions. Additionally, cookies are not reissued after login. Note that most versions affected by this vulnerability are als...

10CVSS5.5AI score0.04361EPSS
Exploits2References3
Redos
Redos
added 1976/01/01 12:0 a.m.4 views

ROS-2-2878

2.2878 Notification on the update of the Red OS OPERATIONAL SYSTEM MIS RED SOFT LLC notifies of the extension of the validity of the previously obtained FSTEC of Russia Certificate of Conformity No. 4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You c...

5.9AI score
Exploits0
Rows per page
Query Builder