Lucene search
K

4 matches found

OSV
OSV
added 2025/11/04 8:18 p.m.8 views

CVE-2025-32786 GLPI Inventory Plugin is Vulnerable to Unauthenticated SQL Injection

The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Versions 1.5.0 and below are vulnerable to SQL Injection. This issue is fixed in version 1.5.1...

7.5CVSS7.5AI score0.06576EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-1299

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HashiCorp Nomad and Nomad Enterprise 1.5.0 allow a job submitter to escalate to management-level privileges using workload identity and task API. Fixed in 1.5.1...

8.8CVSS7.8AI score0.00532EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/11 5:59 p.m.2 views

CVE-2025-54063 Cherry Studio One-click Remote Code Execution Vulnerability through Custom URL Handling

Cherry Studio is a desktop client that supports for multiple LLM providers. From versions 1.4.8 to 1.5.0, there is a one-click remote code execution vulnerability through the custom URL handling. An attacker can exploit this by hosting a malicious website or embedding a specially crafted URL on a...

8CVSS8AI score0.00708EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2022/06/20 4:34 p.m.41 views

Security Bulletin: IBM DataPower Operator affected by flaw in Go (CVE-2022-23773)

Summary This is a build-time issue that does not affect product code, but may be flagged in customer scans. IBM has addressed the CVE. Vulnerability Details CVEID: CVE-2022-23773 DESCRIPTION: An unspecified error with not treating branches with semantic-version names as releases in cmd/go in Gola...

7.5CVSS1.5AI score0.02698EPSS
Exploits0Affected Software1
Rows per page
Query Builder