Lucene search
K

20 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-16485

Malicious code in bioql PyPI...

6CVSS6.4AI score0.00222EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/06/10 2:41 p.m.4 views

CVE-2025-26395 SolarWinds SWOSH DOM-based reflective XSS Vulnerability

SolarWinds Observability Self-Hosted was susceptible to a cross-site scripting XSS vulnerability due to an unsanitized field in the URL. The attack requires authentication using an administrator-level account and user interaction is required...

7.1CVSS6.7AI score0.00188EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/03/05 12:0 a.m.4 views

Vasion Print 跨站脚本漏洞

Vasion Print is a SaaS-based, cloud-hosted application from Vasion for managing and deploying printers. A security vulnerability exists in Vasion Print versions prior to 22.0.1002 and Application versions prior to 20.0.2614. An attacker exploiting this vulnerability could execute a cross-site...

6.1CVSS6.1AI score0.00485EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/03/05 12:0 a.m.4 views

Vasion Print 安全漏洞

Vasion Print is a SaaS-based, cloud-hosted application from Vasion for managing and deploying printers. Vasion Print has a security vulnerability that stems from an insecure logging permission configuration...

9.8CVSS6.8AI score0.00645EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/03/05 12:0 a.m.3 views

Vasion Print 跨站脚本漏洞

Vasion Print is a SaaS-based, cloud-hosted application from Vasion for managing and deploying printers. A security vulnerability exists in Vasion Print that stems from a pre-authentication cross-site scripting attack in the badge registration feature...

6.1CVSS6.1AI score0.00485EPSS
Exploits1References2
NVD
NVD
added 2025/01/17 6:15 a.m.10 views

CVE-2024-11146

TrueFiling is a collaborative, web-based electronic filing system where attorneys, paralegals, court reporters and self-represented filers collect public legal documentation into cases. TrueFiling is an entirely cloud-hosted application. Prior to version 3.1.112.19, TrueFiling trusted some...

6.3CVSS0.00317EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/01/17 5:21 a.m.4 views

CVE-2024-11146 TrueFiling authorization bypass via user-controlled keys

TrueFiling is a collaborative, web-based electronic filing system where attorneys, paralegals, court reporters and self-represented filers collect public legal documentation into cases. TrueFiling is an entirely cloud-hosted application. Prior to version 3.1.112.19, TrueFiling trusted some...

6.3CVSS7AI score0.00317EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2024/06/06 6:30 p.m.25 views

Remote code execution in pytorch lightning

A remote code execution RCE vulnerability exists in the lightning-ai/pytorch-lightning library version 2.2.1 due to improper handling of deserialized user input and mismanagement of dunder attributes by the deepdiff library. The library uses deepdiff.Delta objects to modify application state base...

9.8CVSS9.8AI score0.26488EPSS
Exploits3References6Affected Software1
NVD
NVD
added 2024/06/06 6:15 p.m.60 views

CVE-2024-5452

A remote code execution RCE vulnerability exists in the lightning-ai/pytorch-lightning library version 2.2.1 due to improper handling of deserialized user input and mismanagement of dunder attributes by the deepdiff library. The library uses deepdiff.Delta objects to modify application state base...

9.8CVSS0.26488EPSS
Exploits3References2
Vulnrichment
Vulnrichment
added 2024/06/06 5:54 p.m.18 views

CVE-2024-5452 RCE via Property/Class Pollution in lightning-ai/pytorch-lightning

A remote code execution RCE vulnerability exists in the lightning-ai/pytorch-lightning library version 2.2.1 due to improper handling of deserialized user input and mismanagement of dunder attributes by the deepdiff library. The library uses deepdiff.Delta objects to modify application state base...

9.8CVSS7.8AI score0.26488EPSS
Exploits3References1
CNNVD
CNNVD
added 2023/04/11 12:0 a.m.3 views

Snippet Box 跨站脚本漏洞

Snippet Box is a simple self-hosted application for pawelmalak individual developers. It is used to organize code snippets. A security vulnerability exists in Snippet-box version 1.0.0. An attacker can exploit the vulnerability to see arbitrary web script or HTML in the "Snippet code" form field...

6.1CVSS6.6AI score0.00669EPSS
Exploits1References4
Prion
Prion
added 2023/03/23 5:15 p.m.23 views

Authorization

A vulnerability in the Cisco IOx application hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to insufficient restrictions on the hosted application. An attacker could exploit thi...

4.3CVSS7.8AI score0.00206EPSS
Exploits0References1Affected Software1
Cisco
Cisco
added 2023/03/22 4:0 p.m.55 views

Cisco IOS XE Software IOx Application Hosting Environment Privilege Escalation Vulnerability

A vulnerability in the Cisco IOx application hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to insufficient restrictions on the hosted application. An attacker could exploit thi...

7.8CVSS7.8AI score0.00206EPSS
Exploits0References1
CNVD
CNVD
added 2021/06/03 12:0 a.m.6 views

Nextcloud Access Control Error Vulnerability (CNVD-2021-39029)

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. An access control error vulnerability exists in Nextcloud Mail versions prior to 1.4.3, and prior to 1.8.2, which can be exploited by an authenticated attacke...

8.8CVSS6.7AI score0.01107EPSS
Exploits1References1
CNVD
CNVD
added 2020/06/22 12:0 a.m.7 views

GitLab Resource Management Error Vulnerability (CNVD-2021-19407)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab Enterprise...

7.8CVSS6.3AI score0.01187EPSS
Exploits0References1
CNVD
CNVD
added 2020/06/22 12:0 a.m.7 views

GitLab Information Disclosure Vulnerability (CNVD-2021-19413)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab Enterprise and...

5.3CVSS6.3AI score0.01082EPSS
Exploits0References1
CNVD
CNVD
added 2020/06/10 12:0 a.m.10 views

GitLab Unspecified Vulnerability (CNVD-2021-19417 )

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab Enterprise and...

4.3CVSS6.4AI score0.00554EPSS
Exploits0References1
CNVD
CNVD
added 2020/04/29 12:0 a.m.9 views

Unnamed Vulnerability in GitLab

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab versions 10.8...

5.3CVSS6.4AI score0.00769EPSS
Exploits0References1
CNVD
CNVD
added 2020/02/11 12:0 a.m.3 views

GitLab EE Denial of Service Vulnerability

GitLab is a Ruby on Rails developed, self-hosted, Git version control system project repository application from GitLab, Inc. The program can be used to access the project's file contents, commit history, bug list , etc. Git is a free, open source distributed version control system. A security...

7.5CVSS6.7AI score0.01148EPSS
Exploits0References1
CNVD
CNVD
added 2020/02/11 12:0 a.m.2 views

GitLab CE/EE Information Disclosure Vulnerability (CNVD-2020-04928)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. An information disclosure vulnerability exists in GitLab...

5.3CVSS6.1AI score0.01031EPSS
Exploits0References1
Rows per page
Query Builder