Lucene search
+L

285 matches found

Vulnrichment
Vulnrichment
added 2025/03/31 10:23 p.m.5 views

CVE-2025-24246

An injection issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to access user-sensitive data...

5.9AI score0.00894EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/03/31 10:23 p.m.21 views

CVE-2025-24246

An injection issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to access user-sensitive data...

0.00894EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/03/31 10:23 p.m.8 views

CVE-2025-30462

A library injection issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. Apps that appear to use App Sandbox may be able to launch without restrictions...

5.9AI score0.00825EPSS
Exploits0References3
CVE
CVE
added 2025/03/31 10:23 p.m.75 views

CVE-2025-30462

CVE-2025-30462 concerns a library injection issue that Apple fixed by adding restrictions. Affected: macOS Ventura 13.7.5, macOS Sequoia 15.4, and macOS Sonoma 14.7.5. The issue may allow apps that appear to use App Sandbox to launch with fewer restrictions, per the description. Remediation: appl...

9.8CVSS5.8AI score0.00825EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2025/03/31 10:22 p.m.7 views

CVE-2025-24282

A library injection issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to modify protected parts of the file system...

6.6AI score0.00247EPSS
Exploits0References1
CVE
CVE
added 2025/03/31 10:22 p.m.76 views

CVE-2025-24282

A library injection issue in macOS Sequoia was addressed with additional restrictions. The vulnerability could allow an app to modify protected parts of the file system and is fixed in macOS Sequoia 15.4. Affected product: macOS Sequoia; fix version: 15.4. CVE-2025-24282. Exploitation status is n...

5.5CVSS6.4AI score0.00247EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/03/31 12:0 a.m.9 views

PT-2025-13959 · Code Projects · Code-Projects Payroll Management System

Name of the Vulnerable Software and Affected Versions: code-projects Payroll Management System version 1.0 Description: A critical issue affects the processing of the file /view account.php, where the manipulation of the salary rate argument leads to SQL injection. The attack can be initiated...

8.8CVSS6.9AI score0.00596EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2025/03/31 12:0 a.m.5 views

PT-2025-13990 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.7.5 macOS Sequoia versions prior to 15.4 macOS Sonoma versions prior to 14.7.5 Description: A library injection issue was addressed with additional restrictions. Apps that appear to use App Sandbox may be able to...

9.8CVSS6.1AI score0.00825EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/03/22 7:24 p.m.24 views

CVE-2025-29980

A SQL injection issue has been discovered in eTRAKiT.net release 3.2.1.77. Due to improper input validation, a remote unauthenticated attacker can run arbitrary commands as the current MS SQL server account. It is recommended that the CRM feature is turned off while on eTRAKiT.net release 3.2.1.7...

9.8CVSS8.7AI score0.00528EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/20 12:0 a.m.9 views

Azure Linux 3.0 Security Update: python-virtualenv (CVE-2024-53899)

The version of python-virtualenv installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-53899 advisory. - virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual...

8.4CVSS7.3AI score0.0157EPSS
Exploits1References2
CVE
CVE
added 2025/03/13 5:56 a.m.184 views

CVE-2024-8402

CVE-2024-8402 affects GitLab EE/CE, with input validation in the Google Cloud IAM integration allowing a Maintainer to inject malicious code in versions: 17.2–17.7.7, 17.8–17.8.5, and 17.9–17.9.2. Affected product: GitLab EE (and CE per sources) before the fixed releases. Root cause: input valida...

7.4CVSS3.8AI score0.00228EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2025/03/12 3:15 p.m.18 views

CVE-2025-29891

Bypass/Injection vulnerability in Apache Camel. This issue affects Apache Camel: from 4.10.0 before 4.10.2, from 4.8.0 before 4.8.5, from 3.10.0 before 3.22.4. Users are recommended to upgrade to version 4.10.2 for 4.10.x LTS, 4.8.5 for 4.8.x LTS and 3.22.4 for 3.x releases. This vulnerability is...

4.8CVSS0.71999EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2024-23280

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, watchOS...

7.5CVSS7AI score0.01286EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2017-7701

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. Th...

7.8CVSS7.4AI score0.02709EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2017-6469

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an LDSS dissector crash, triggered by packet injection or a malformed capture file. This was addressed...

7.5CVSS7.4AI score0.02949EPSS
Exploits0References2
CVE
CVE
added 2025/02/20 2:11 p.m.52 views

CVE-2025-20059

CVE-2025-20059 : Affected product is Ping Identity PingAM Java Policy Agent. The issue is a relative path traversal that enables parameter injection in PingAM Policy Agent components. Affects versions through 5.10.3, through 2023.11.1, and through 2024.9. Impact (as per CVSS metrics in the initia...

9.2CVSS6.6AI score0.00913EPSS
Exploits0References1
OSV
OSV
added 2025/02/18 8:35 p.m.10 views

CVE-2025-26610 SQL Injection endpoint 'restaurar_produto_desocultar.php' parameter 'id_produto' in WeGIA

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, restaurarprodutodesocultar.php endpoint. This vulnerability allow an authorized attacker to execute arbitrary SQL queries, allowin...

9.4CVSS8.2AI score0.00542EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/02/15 7:23 p.m.7 views

CVE-2024-11346

: Access of Resource Using Incompatible Type 'Type Confusion' vulnerability in Lexmark International CX, XC, CS, et. Al. Postscript interpreter modules allows Resource Injection.This issue affects CX, XC, CS, et. Al.: from 001.001:0 through 081.231, from ..P001 through ..P233, from ..P001 through...

7.3CVSS6.9AI score0.00431EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.8 views

Azure Linux 3.0 Security Update: gtk2 / gtk3 (CVE-2024-6655)

The version of gtk2 / gtk3 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-6655 advisory. - A flaw was found in the GTK library. Under certain conditions, it is possible for a library to be inject...

7CVSS6.8AI score0.00464EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/02/05 12:0 a.m.6 views

PT-2025-5724 · Kemp · Loadmaster

Name of the Vulnerable Software and Affected Versions: LoadMaster versions 7.2.48.12 and earlier LoadMaster versions 7.2.49.0 through 7.2.54.12 LoadMaster versions 7.2.55.0 through 7.2.60.1 ECS versions prior to 7.2.60.1 Description: The issue is related to improper input validation, allowing OS...

8.4CVSS9.2AI score0.06337EPSS
Exploits0References12
Rows per page
Query Builder