
29752 matches found

Tenable Nessus
added 2025/09/10 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2022-2060

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site Scripting XSS - Stored in GitHub repository dolibarr/dolibarr prior to 16.0. CVE-2022-2060 Note that Nessus relies on the presence of the package as...

CVSS 8.4 | AI score 6.7 | EPSS 0.00863
Exploits: 1 | References: 2

Tenable Nessus
added 2025/09/10 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2022-3873

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site Scripting XSS - DOM in GitHub repository jgraph/drawio prior to 20.5.2. CVE-2022-3873 Note that Nessus relies on the presence of the package as...

CVSS 6.5 | AI score 6.6 | EPSS 0.00624
Exploits: 1 | References: 2

Tenable Nessus
added 2025/09/10 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2020-7664

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In all versions of the package github.com/unknwon/cae/zip, the ExtractTo function doesn't securely escape file paths in zip archives which include leading or...

CVSS 7.5 | AI score 7.3 | EPSS 0.01419
Exploits: 1 | References: 2

NVD
added 2025/09/09 9:15 p.m. | 11 views

CVE-2025-58763

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. A command injection vulnerability in Tautulli v2.15.3 and prior allows attackers with administrative privileges to obtain remote code execution on the application server. This vulnerability requires the application to...

CVSS 8 | EPSS 0.01675
Exploits: 1 | References: 1

CVE
added 2025/09/09 8:13 p.m. | 23 views

CVE-2025-58763

Tautulli (Python-based Plex monitoring) has a command-injection vulnerability affecting v2.15.3 and earlier. The flaw arises when cloning from GitHub and installing manually, where the update/version logic calls runGit via subprocess.Popen with shell=True. The checkout_git_branch path stores un s...

CVSS 8 | AI score 8.2 | EPSS 0.01675
Exploits: 1 | References: 1 | Affected Software: 1

Cvelist
added 2025/09/09 8:13 p.m. | 7 views

CVE-2025-58763 Tautulli vulnerable to Authenticated Remote Code Execution via Command Injection

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. A command injection vulnerability in Tautulli v2.15.3 and prior allows attackers with administrative privileges to obtain remote code execution on the application server. This vulnerability requires the application to...

CVSS 8 | EPSS 0.01675
Exploits: 1 | References: 1

Vulnrichment
added 2025/09/09 8:13 p.m. | 4 views

CVE-2025-58763 Tautulli vulnerable to Authenticated Remote Code Execution via Command Injection

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. A command injection vulnerability in Tautulli v2.15.3 and prior allows attackers with administrative privileges to obtain remote code execution on the application server. This vulnerability requires the application to...

CVSS 8 | AI score 8.2 | EPSS 0.01675
Exploits: 1 | References: 1

Circl
added 2025/09/09 4:23 p.m. | 6 views

CVE-2025-54908

| creationtimestamp | type | source |
|---|---|---|
| 2025-09-09 16:23:23+00:00 | seen | https://advisories.ncsc.nl/advisory?id=NCSC-2025-0278 |
| 2025-09-09 17:06:15+00:00 | seen | https://www.thezdi.com/blog/2025/9/9/the-september-2025-security-update-review |
| 2025-09-09 17:40:08+00:00 | seen | ... |

CVSS 7.8 | AI score 5.5 | EPSS 0.00558
Exploits: 0 | References: 4

vulnersOsv
added 2025/09/09 3:23 p.m. | 7 views

keeshond_editor (>=0.1.0 <=0.13.0), keeshond_migrator (>=0.1.0 <=0.1.1) +2 more potentially affected by unknown CVE via toodee (>=0.2.4 <=0.3.0)

toodee CARGO version =0.2.4, =0.1.0, =0.1.0, =0.10.0, =0.13.0 Source cves: unknown CVE Source advisory: OSV:GHSA-PFP7-VXGR-83PW...

AI score 5.8
Exploits: 0

Circl
added 2025/09/09 10:14 a.m. | 12 views

CVE-2025-10109

| creationtimestamp | type | source |
|---|---|---|
| 2025-09-09 10:14:27+00:00 | seen | https://gist.github.com/Darkcrai86/fd2fe6ea20ccb37f56e3bdc9b171c8e7... |

CVSS 9.8 | AI score 7.3 | EPSS 0.00387
Exploits: 1 | References: 1

Circl
added 2025/09/09 9:16 a.m. | 9 views

CVE-2024-33326

| creationtimestamp | type | source |
|---|---|---|
| 2025-09-09 09:16:31+00:00 | confirmed | https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-33326.yaml |
| 2025-09-10 21:02:32+00:00 | seen | https://bsky.app/profile/beikokucyber.bsky.social/post/3lyj4ykkqt227 |
| 2025-09-27... | | |

CVSS 6.1 | AI score 5.7 | EPSS 0.0081
Exploits: 1 | References: 3

OSV
added 2025/09/09 5:40 a.m. | 3 views

BIT-JUPYTERLAB-2024-39700 Remote Code Execution (RCE) vulnerability in jupyterlab extension template `update-integration-tests` GitHub Action

JupyterLab extension template is a copier template for JupyterLab extensions. Repositories created using this template with test option include update-integration-tests.yml workflow which has an RCE vulnerability. Extension authors hosting their code on GitHub are urged to upgrade the template to...

CVSS 9.9 | AI score 7.1 | EPSS 0.01024
Exploits: 3 | References: 3

Snyk
added 2025/09/08 6:31 p.m. | 5 views

Arbitrary Code Injection

Overview: simstudio is a Sim Studio CLI - Run Sim Studio with a single command. Affected versions of this package are vulnerable to Arbitrary Code Injection via the route.ts function. An attacker can execute arbitrary code by supplying crafted input to the code argument. Remediation: A fix was pushe...

CVSS 9.8 | AI score 7 | EPSS 0.00703
Exploits: 1 | References: 2

The Hacker News
added 2025/09/08 3:26 p.m. | 6 views

GitHub Account Compromise Led to Salesloft Drift Breach Affecting 22 Companies

Salesloft has revealed that the data breach linked to its Drift application started with the compromise of its GitHub account. Google-owned Mandiant, which began an investigation into the incident, said the threat actor, tracked as UNC6395, accessed the Salesloft GitHub account from March through...

AI score 6.6
Exploits: 0

The Hacker News
added 2025/09/08 3:2 p.m. | 2 views

GPUGate Malware Uses Google Ads and Fake GitHub Commits to Target IT Firms

Cybersecurity researchers have detailed a new sophisticated malware campaign that leverages paid ads on search engines like Google to deliver malware to unsuspecting users looking for popular tools like GitHub Desktop. While malvertising campaigns have become commonplace in recent years, the late...

AI score 6
Exploits: 0

OSV
added 2025/09/08 2:13 p.m. | 4 views

GO-2025-3921 Coder accepts an APIKey beyond the linked OIDC expiry if there is no refresh token in github.com/coder/coder

Coder accepts an APIKey beyond the linked OIDC expiry if there is no refresh token in github.com/coder/coder...

AI score 7
Exploits: 0 | References: 2

OSV
added 2025/09/08 2:13 p.m. | 3 views

GO-2025-3923 Rancher affected by unauthenticated Denial of Service in github.com/rancher/rancher

Rancher affected by unauthenticated Denial of Service in github.com/rancher/rancher. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners,...

CVSS 8.2 | AI score 6.7 | EPSS 0.00482
Exploits: 0 | References: 6

OSV
added 2025/09/08 2:13 p.m. | 2 views

GO-2025-3927 Rancher Fleet Helm Values are stored inside BundleDeployment in plain text in github.com/rancher/fleet

Rancher Fleet Helm Values are stored inside BundleDeployment in plain text in github.com/rancher/fleet...

CVSS 7.7 | AI score 6.6 | EPSS 0.00217
Exploits: 0 | References: 2

OSV
added 2025/09/08 2:13 p.m. | 4 views

GO-2025-3934 Argo CD's Project API Token Exposes Repository Credentials in github.com/argoproj/argo-cd

Argo CD's Project API Token Exposes Repository Credentials in github.com/argoproj/argo-cd...

CVSS 9.9 | AI score 6.8 | EPSS 0.04518
Exploits: 1 | References: 3

OSV
added 2025/09/08 2:13 p.m. | 9 views

GO-2025-3937 Memos Vulnerable to Stored Cross-Site Scripting in github.com/usememos/memos

Memos Vulnerable to Stored Cross-Site Scripting in github.com/usememos/memos...

CVSS 5.4 | AI score 5.6 | EPSS 0.00236
Exploits: 1 | References: 5