14 matches found
EUVD-2025-17682
Malicious code in bioql PyPI...
EUVD-2025-17677
Malicious code in bioql PyPI...
CVE-2025-44044
Keyoti SearchUnit prior to 9.0.0. is vulnerable to XML External Entity XXE. An attacker who can force a vulnerable SearchUnit host into parsing maliciously crafted XML and/or DTD files can exfiltrate some files from the underlying operating system...
CVE-2025-44043
Keyoti SearchUnit prior to 9.0.0. is vulnerable to Server-Side Request Forgery SSRF in /KeyotiSearchEngineWebCommon/SearchService.svc/GetResults and /KeyotiSearchEngineWebCommon/SearchService.svc/GetLocationAndContentCategories. An attacker can specify their own SMB server as the indexDirectory...
CVE-2025-44043
Keyoti SearchUnit prior to 9.0.0. is vulnerable to Server-Side Request Forgery SSRF in /KeyotiSearchEngineWebCommon/SearchService.svc/GetResults and /KeyotiSearchEngineWebCommon/SearchService.svc/GetLocationAndContentCategories. An attacker can specify their own SMB server as the indexDirectory...
CVE-2025-44044
Keyoti SearchUnit prior to 9.0.0. is vulnerable to XML External Entity XXE. An attacker who can force a vulnerable SearchUnit host into parsing maliciously crafted XML and/or DTD files can exfiltrate some files from the underlying operating system...
CVE-2025-44044
Keyoti SearchUnit prior to 9.0.0. is vulnerable to XML External Entity XXE. An attacker who can force a vulnerable SearchUnit host into parsing maliciously crafted XML and/or DTD files can exfiltrate some files from the underlying operating system...
PT-2025-24681 · Keyoti · Searchunit
Name of the Vulnerable Software and Affected Versions: Keyoti SearchUnit versions prior to 9.0.0 Description: The issue allows an attacker to exfiltrate files from the underlying operating system by forcing a vulnerable host into parsing maliciously crafted XML and/or DTD files, exploiting an XML...
PT-2025-24680 · Keyoti · Keyoti Searchunit
Name of the Vulnerable Software and Affected Versions: Keyoti SearchUnit versions prior to 9.0.0. Description: The issue is related to Server-Side Request Forgery SSRF in the /Keyoti SearchEngine Web Common/SearchService.svc/GetResults and /Keyoti SearchEngine Web...
CVE-2025-44044
Keyoti SearchUnit prior to 9.0.0. is vulnerable to XML External Entity XXE. An attacker who can force a vulnerable SearchUnit host into parsing maliciously crafted XML and/or DTD files can exfiltrate some files from the underlying operating system...
CVE-2025-44043
Keyoti SearchUnit (prior to 9.0.0) is affected by two CVEs: CVE-2025-44043 (SSRF) in /SearchService.svc/GetResults and /GetLocationAndContentCategories, where an attacker can specify an SMB server as indexDirectory to cause the server to read/write configuration and log files on the attacker’s ho...
Keyoti SearchUnit 安全漏洞
Keyoti SearchUnit is a web search engine from Keyoti Canada. A security vulnerability exists in Keyoti SearchUnit versions prior to 9.0.0, which stems from a server-side request forgery issue that could result in configuration and log files being read or written...
Keyoti SearchUnit 安全漏洞
Keyoti SearchUnit is a web search engine from Keyoti Canada. A security vulnerability exists in Keyoti SearchUnit versions prior to 9.0.0 that stems from an XML external entity issue that could lead to an operating system file disclosure...
CVE-2025-44044
CVE-2025-44044 affects Keyoti SearchUnit prior to 9.0.0, which is vulnerable to XML External Entity (XXE). An attacker able to force the host to parse crafted XML/DTD can exfiltrate files from the underlying OS. The vulnerability’s practical consequence is unauthorized data disclosure via XML pro...