Lucene search
K

177 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2013-2812

Malware in sbrugna...

7.5CVSS6AI score0.01272EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.14 views

EUVD-2013-2449

Malware in sbrugna...

5.8CVSS7.3AI score0.04632EPSS
Exploits2References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2013-5850

Malware in sbrugna...

5.8CVSS6.1AI score0.01281EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-29112

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.0024EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-3224

Malicious code in bioql PyPI...

6.8CVSS6.8AI score0.00589EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-28061

Malicious code in bioql PyPI...

6.2CVSS6.6AI score0.00134EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-58908

Malicious code in bioql PyPI...

6.8CVSS6.7AI score0.00589EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/10/02 11:23 p.m.4 views

SUSE CVE-2025-54291

Information disclosure in images API in Canonical LXD before 6.5 and 5.21.4 on all platforms allows unauthenticated remote attackers to determine project existence via differing HTTP status code responses...

5.3CVSS7.2AI score0.0036EPSS
Exploits1References3
OSV
OSV
added 2025/10/02 10:15 a.m.1 views

DEBIAN-CVE-2025-54291

Information disclosure in images API in Canonical LXD before 6.5 and 5.21.4 on all platforms allows unauthenticated remote attackers to determine project existence via differing HTTP status code responses...

5.3CVSS5.5AI score0.0036EPSS
Exploits1References1
OSV
OSV
added 2025/10/02 10:15 a.m.3 views

UBUNTU-CVE-2025-54291

Information disclosure in images API in Canonical LXD before 6.5 and 5.21.4 on all platforms allows unauthenticated remote attackers to determine project existence via differing HTTP status code responses...

6.9CVSS5.9AI score0.0036EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/10/02 9:25 a.m.8 views

CVE-2025-54291 Project existence disclosure in LXD images API

Information disclosure in images API in Canonical LXD before 6.5 and 5.21.4 on all platforms allows unauthenticated remote attackers to determine project existence via differing HTTP status code responses...

6.9CVSS0.0036EPSS
Exploits1References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.5 views

Malicious code in es6-http-status-codes (npm)

The package es6-http-status-codes was found to contain malicious code...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:51 a.m.7 views

CVE-2023-46906

juzaweb = 3.4 is vulnerable to Incorrect Access Control, resulting in an application outage after a 500 HTTP status code. The payload in the timezone field was not correctly validated...

4.9CVSS6.7AI score0.00694EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 8:9 p.m.10 views

CVE-2021-38384

Serverless Offline 8.0.0 returns a 403 HTTP status code for a route that has a trailing / character, which might cause a developer to implement incorrect access control, because the actual behavior within the Amazon AWS environment is a 200 HTTP status code i.e., possibly greater than expected...

9.8CVSS7.1AI score0.0146EPSS
Exploits1References1
GithubExploit
GithubExploit
added 2025/04/14 10:51 a.m.124 views

Exploit for CVE-2025-46047

CVE-2025-46047 Silverpeas -u Example...

7.2AI score0.00331EPSS
Exploits3
RedHat Linux
RedHat Linux
added 2025/01/08 8:28 a.m.4 views

urllib3: Request body not stripped after redirect from 303 status changes request method to GET

A flaw was found in urllib3, an HTTP client library for Python. urllib3 doesn't remove the HTTP request body when an HTTP redirect response using status 301, 302, or 303, after changing the method in a request from one that could accept a request body such as POST to GET, as is required by HTTP...

4.2CVSS7.2AI score0.00544EPSS
Exploits0References7
NVD
NVD
added 2024/11/25 8:15 p.m.27 views

CVE-2024-53262

SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. The static error.html template for errors contains placeholders that are replaced without escaping the content first. error.html is the page that is rendered when everything else fails. It can contai...

5.4CVSS0.0047EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/11/25 7:7 p.m.15 views

CVE-2024-53262 Unescaped error message included on error page in SvelteKit

SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. The static error.html template for errors contains placeholders that are replaced without escaping the content first. error.html is the page that is rendered when everything else fails. It can contai...

2CVSS7.1AI score0.0047EPSS
Exploits1References3
CVE
CVE
added 2024/11/25 7:7 p.m.60 views

CVE-2024-53262

CVE-2024-53262 affects SvelteKit where the static error.html template renders placeholders for HTTP status and error.message without escaping. This can allow an attacker-provided error.message to inject content into the error page, yielding a template XSS risk for applications that include user i...

5.4CVSS7.1AI score0.0047EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2024/11/25 3:32 p.m.15 views

GHSA-MH2X-FCQH-FMQV @sveltejs/kit has unescaped error message included on error page

Summary The static error.html template for errors contains placeholders that are replaced without escaping the content first. Details From https://kit.svelte.dev/docs/errors: error.html is the page that is rendered when everything else fails. It can contain the following placeholders:...

4.2CVSS6.7AI score0.0047EPSS
Exploits1References7
Rows per page
Query Builder