CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

EUVD•added 2025/10/03 8:7 p.m.•0 views

EUVD-2023-42303

Malicious code in bioql PyPI...

8.2CVSS8.2AI score0.00095EPSS

Exploits1References2

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-41431

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00144EPSS

Exploits1References2

RedhatCVE•added 2025/05/23 10:28 a.m.•7 views

CVE-2024-45308

HedgeDoc is an open source, real-time, collaborative, markdown notes application. When using HedgeDoc 1 with MySQL or MariaDB, it is possible to create notes with an alias matching the ID of existing notes. The affected existing note can then not be accessed anymore and is effectively hidden by t...

6.5CVSS7AI score0.00144EPSS

Exploits1

NVD•added 2024/09/02 6:15 p.m.•16 views

CVE-2024-45308

6.5CVSS0.00144EPSS

Exploits1References2

Vulnrichment•added 2024/09/02 4:40 p.m.•14 views

CVE-2024-45308 MySQL & free URL mode allows to hide existing notes in hedgedoc

6.5CVSS7AI score0.00144EPSS

Exploits1References2

Cvelist•added 2024/09/02 4:40 p.m.•13 views

CVE-2024-45308 MySQL & free URL mode allows to hide existing notes in hedgedoc

6.5CVSS0.00144EPSS

Exploits1References2

OSV•added 2024/09/02 4:40 p.m.•15 views

CVE-2024-45308 MySQL & free URL mode allows to hide existing notes in hedgedoc

6.5CVSS6.7AI score0.00144EPSS

Exploits1References4

CVE•added 2024/09/02 4:40 p.m.•47 views

CVE-2024-45308

HedgeDoc (the HedgeDoc project) contains a vulnerability affecting deployments using MySQL or MariaDB where an alias can be created equal to the ID of an existing note. The new note’s alias hides the original note and, in freeURL mode, can be created by users with appropriate permissions or, depe...

6.5CVSS6.5AI score0.00144EPSS

Exploits1References2Affected Software1

Positive Technologies•added 2024/09/02 12:0 a.m.•3 views

PT-2024-31561 · Oracle +1 · Mysql Server +1

Name of the Vulnerable Software and Affected Versions: HedgeDoc versions prior to 1.10.0 Description: HedgeDoc is an open source, real-time, collaborative, markdown notes application. When using HedgeDoc with MySQL or MariaDB, it is possible to create notes with an alias matching the ID of existi...

6.5CVSS7.1AI score0.00144EPSS

Exploits1References8

Prion•added 2023/08/04 4:15 p.m.•18 views

Code injection

HedgeDoc is software for creating real-time collaborative markdown notes. Prior to version 1.9.9, the API of HedgeDoc 1 can be used to create notes with an alias matching the ID of existing notes. The affected existing note can then not be accessed anymore and is effectively hidden by the new one...

6.4CVSS8AI score0.00095EPSS

Exploits1References2Affected Software1

CVE•added 2023/08/04 3:40 p.m.•2493 views

CVE-2023-38487

CVE-2023-38487 – HedgeDoc : Prior to 1.9.9, the HedgeDoc API allows creating a note with an alias equal to an existing note ID via POST /new/ when freeURL is enabled. The system does not verify the alias against existing IDs, so a new note can shadow the original; access may be redirected to the ...

8.2CVSS7.2AI score0.00095EPSS

Exploits1References2Affected Software1

OSV•added 2023/08/04 3:40 p.m.•13 views

CVE-2023-38487 HedgeDoc API allows to hide existing notes

6.5CVSS8AI score0.00095EPSS

Exploits1References4

Vulnrichment•added 2023/08/04 3:40 p.m.•12 views

CVE-2023-38487 HedgeDoc API allows to hide existing notes

6.5CVSS8.1AI score0.00095EPSS

Exploits1References2

Cvelist•added 2023/08/04 3:40 p.m.•23 views

CVE-2023-38487 HedgeDoc API allows to hide existing notes