29878 matches found

Chainguard
added 2025/09/11 2:22 p.m. | 3 views

GHSA-FR2G-FCJJ-V8HC vulnerabilities

Vulnerabilities for packages: linux-qemu, linux-vmware, linux-qemu-rc...

5.8 AI score
Exploits: 0

Wolfi
added 2025/09/11 7:51 a.m. | 2 views

GHSA-3PVJ-Q7QJ-89FG vulnerabilities

Vulnerabilities for packages: libssh2, libssh...

5.8 AI score
Exploits: 0

Circl
added 2025/09/10 5:15 p.m. | 5 views

CVE-2025-10157

creationtimestamp | type | source
---|---|---
2025-09-10 17:15:33+00:00 | published-proof-of-concept | https://github.com/advisories/GHSA-f7qq-56ww-84cr...

9.3 CVSS | 7.4 AI score | 0.00761 EPSS
Exploits: 1 | References: 1

Wolfi
added 2025/09/10 1:53 p.m. | 3 views

GHSA-RRJV-57MM-J6CM vulnerabilities

Vulnerabilities for packages: nodejs...

7 AI score
Exploits: 0

Wolfi
added 2025/09/10 1:53 p.m. | 2 views

GHSA-GCF6-VGCR-474F vulnerabilities

Vulnerabilities for packages: nodejs...

7 AI score
Exploits: 0

Tenable Nessus
added 2025/09/10 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2020-7664

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In all versions of the package github.com/unknwon/cae/zip, the ExtractTo function doesn't securely escape file paths in zip archives which include leading or...

7.5 CVSS | 7.3 AI score | 0.01419 EPSS
Exploits: 1 | References: 2

Tenable Nessus
added 2025/09/10 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2022-2060

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site Scripting XSS - Stored in GitHub repository dolibarr/dolibarr prior to 16.0. CVE-2022-2060 Note that Nessus relies on the presence of the package as...

8.4 CVSS | 6.7 AI score | 0.00863 EPSS
Exploits: 1 | References: 2

Packet Storm News
added 2025/09/10 12:0 a.m. | 2 views

Phish-Blitz: Advancing Phishing Detection with Comprehensive Webpage Resource Collection and Visual Integrity Preservation

Phishing attacks are increasingly prevalent, with adversaries creating deceptive webpages to steal sensitive information. Despite advancements in machine learning and deep learning for phishing detection, attackers constantly develop new tactics to bypass detection models. As a result, phishing...

6.8 AI score
Exploits: 0

Tenable Nessus
added 2025/09/10 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2022-3873

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site Scripting XSS - DOM in GitHub repository jgraph/drawio prior to 20.5.2. CVE-2022-3873 Note that Nessus relies on the presence of the package as...

6.5 CVSS | 6.6 AI score | 0.00624 EPSS
Exploits: 1 | References: 2

NVD
added 2025/09/09 9:15 p.m. | 11 views

CVE-2025-58763

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. A command injection vulnerability in Tautulli v2.15.3 and prior allows attackers with administrative privileges to obtain remote code execution on the application server. This vulnerability requires the application to...

8 CVSS | 0.01675 EPSS
Exploits: 1 | References: 1

CVE
added 2025/09/09 8:13 p.m. | 23 views

CVE-2025-58763

Tautulli (Python-based Plex monitoring) has a command-injection vulnerability affecting v2.15.3 and earlier. The flaw arises when cloning from GitHub and installing manually, where the update/version logic calls runGit via subprocess.Popen with shell=True. The checkout_git_branch path stores un s...

8 CVSS | 8.2 AI score | 0.01675 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

Cvelist
added 2025/09/09 8:13 p.m. | 7 views

CVE-2025-58763 Tautulli vulnerable to Authenticated Remote Code Execution via Command Injection

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. A command injection vulnerability in Tautulli v2.15.3 and prior allows attackers with administrative privileges to obtain remote code execution on the application server. This vulnerability requires the application to...

8 CVSS | 0.01675 EPSS
Exploits: 1 | References: 1

Vulnrichment
added 2025/09/09 8:13 p.m. | 4 views

CVE-2025-58763 Tautulli vulnerable to Authenticated Remote Code Execution via Command Injection

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. A command injection vulnerability in Tautulli v2.15.3 and prior allows attackers with administrative privileges to obtain remote code execution on the application server. This vulnerability requires the application to...

8 CVSS | 8.2 AI score | 0.01675 EPSS
Exploits: 1 | References: 1

Circl
added 2025/09/09 4:23 p.m. | 6 views

CVE-2025-54908

creationtimestamp | type | source
---|---|---
2025-09-09 16:23:23+00:00 | seen | https://advisories.ncsc.nl/advisory?id=NCSC-2025-0278
2025-09-09 17:06:15+00:00 | seen | https://www.thezdi.com/blog/2025/9/9/the-september-2025-security-update-review
2025-09-09 17:40:08+00:00 | seen | ...

7.8 CVSS | 5.5 AI score | 0.00558 EPSS
Exploits: 0 | References: 4

vulnersOsv
added 2025/09/09 3:23 p.m. | 7 views

keeshond_editor (>=0.1.0 <=0.13.0), keeshond_migrator (>=0.1.0 <=0.1.1) +2 more potentially affected by unknown CVE via toodee (>=0.2.4 <=0.3.0)

toodee CARGO version =0.2.4, =0.1.0, =0.1.0, =0.10.0, =0.13.0 Source cves: unknown CVE Source advisory: OSV:GHSA-PFP7-VXGR-83PW...

5.8 AI score
Exploits: 0

Circl
added 2025/09/09 10:14 a.m. | 12 views

CVE-2025-10109

creationtimestamp | type | source
---|---|---
2025-09-09 10:14:27+00:00 | seen | https://gist.github.com/Darkcrai86/fd2fe6ea20ccb37f56e3bdc9b171c8e7...

9.8 CVSS | 7.3 AI score | 0.00387 EPSS
Exploits: 1 | References: 1

Circl
added 2025/09/09 9:16 a.m. | 9 views

CVE-2024-33326

creationtimestamp | type | source
---|---|---
2025-09-09 09:16:31+00:00 | confirmed | https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-33326.yaml
2025-09-10 21:02:32+00:00 | seen | https://bsky.app/profile/beikokucyber.bsky.social/post/3lyj4ykkqt227
2025-09-27...

6.1 CVSS | 5.7 AI score | 0.0081 EPSS
Exploits: 1 | References: 3

OSV
added 2025/09/09 5:40 a.m. | 3 views

BIT-JUPYTERLAB-2024-39700 Remote Code Execution (RCE) vulnerability in jupyterlab extension template `update-integration-tests` GitHub Action

JupyterLab extension template is a copier template for JupyterLab extensions. Repositories created using this template with test option include update-integration-tests.yml workflow which has an RCE vulnerability. Extension authors hosting their code on GitHub are urged to upgrade the template to...

9.9 CVSS | 7.1 AI score | 0.01024 EPSS
Exploits: 3 | References: 3

Snyk
added 2025/09/08 6:31 p.m. | 5 views

Arbitrary Code Injection

Overview: simstudio is a Sim Studio CLI - Run Sim Studio with a single command. Affected versions of this package are vulnerable to Arbitrary Code Injection via the route.ts function. An attacker can execute arbitrary code by supplying crafted input to the code argument. Remediation: A fix was pushe...

9.8 CVSS | 7 AI score | 0.00703 EPSS
Exploits: 1 | References: 2

The Hacker News
added 2025/09/08 3:26 p.m. | 6 views

GitHub Account Compromise Led to Salesloft Drift Breach Affecting 22 Companies

Salesloft has revealed that the data breach linked to its Drift application started with the compromise of its GitHub account. Google-owned Mandiant, which began an investigation into the incident, said the threat actor, tracked as UNC6395, accessed the Salesloft GitHub account from March through...

6.6 AI score
Exploits: 0