Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-1849

Malicious code in bioql PyPI...

5.5CVSS5.5AI score0.00304EPSS
Exploits1References3
The Hacker News
The Hacker News
added 2023/08/18 6:51 a.m.52 views

Google Chrome's New Feature Alerts Users About Auto-Removal of Malicious Extensions

Google has announced plans to add a new feature in the upcoming version of its Chrome web browser to proactively alert users when an extension they have installed has been removed from the Chrome Web Store. The feature, set for release alongside Chrome 117, allows users to be notified when an...

6.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2023/06/06 3:25 p.m.24 views

CVE-2023-33544

hawtio 2.17.2 is vulnerable to Path Traversal. it is possible to input malicious zip files, which can result in the high-risk files after decompression being stored in any location, even leading to file overwrite...

5.5CVSS6.7AI score0.00304EPSS
Exploits1References3
OSV
OSV
added 2023/06/01 3:30 p.m.19 views

GHSA-P223-C4W6-Q454 hawtio vulnerable to Path Traversal

hawtio 2.17.2 is vulnerable to Path Traversal. it is possible to input malicious zip files, which can result in the high-risk files after decompression being stored in any location, even leading to file overwrite...

5.5CVSS5.2AI score0.00304EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2023/06/01 3:30 p.m.26 views

hawtio vulnerable to Path Traversal

hawtio 2.17.2 is vulnerable to Path Traversal. it is possible to input malicious zip files, which can result in the high-risk files after decompression being stored in any location, even leading to file overwrite...

5.5CVSS6.7AI score0.00304EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2023/06/01 1:15 p.m.17 views

CVE-2023-33544

hawtio 2.17.2 is vulnerable to Path Traversal. it is possible to input malicious zip files, which can result in the high-risk files after decompression being stored in any location, even leading to file overwrite...

5.5CVSS5.4AI score0.00304EPSS
Exploits1References1
OSV
OSV
added 2023/06/01 1:15 p.m.23 views

CVE-2023-33544

hawtio 2.17.2 is vulnerable to Path Traversal. it is possible to input malicious zip files, which can result in the high-risk files after decompression being stored in any location, even leading to file overwrite...

5.5CVSS6.8AI score
Exploits0References1
Cvelist
Cvelist
added 2023/06/01 12:0 a.m.36 views

CVE-2023-33544

hawtio 2.17.2 is vulnerable to Path Traversal. it is possible to input malicious zip files, which can result in the high-risk files after decompression being stored in any location, even leading to file overwrite...

5.6AI score0.00304EPSS
Exploits1References1
Prion
Prion
added 2023/05/01 3:15 p.m.17 views

Design/Logic Flaw

Streampark allows any users to upload a jar as application, but there is no mandatory verification of the uploaded file type, causing users to upload some high-risk files, and may upload them to any directory, Users of the affected versions should upgrade to Apache StreamPark 2.0.0 or later...

7.5CVSS9.4AI score0.01308EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/05/01 12:0 a.m.3 views

PT-2023-14756 · Apache · Apache Streampark

Name of the Vulnerable Software and Affected Versions: Apache StreamPark versions prior to 2.0.0 Description: The issue allows any user to upload a jar as an application without mandatory verification of the uploaded file type. This enables users to upload high-risk files and potentially upload...

9.8CVSS7.1AI score0.01308EPSS
Exploits0References9
CNNVD
CNNVD
added 2023/05/01 12:0 a.m.3 views

Apache StreamPark 代码问题漏洞

Apache StreamPark is a streaming media application development framework from the Apache Foundation. Apache StreamPark suffers from a code issue vulnerability that stems from allowing any user to upload a jar as an application, but not forcing validation of the uploaded file type, leading to the...

9.8CVSS8.6AI score0.01308EPSS
Exploits0References2
Rows per page
Query Builder