68 matches found

EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2025-30402

Malicious code in bioql PyPI...

CVSS: 6.5 | AI score: 6.6 | EPSS: 0.00239
Exploits: 0 | References: 5

EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2025-10058

Malicious code in bioql PyPI...

CVSS: 4.8 | AI score: 4 | EPSS: 0.003
Exploits: 1 | References: 3

EUVD
added 2025/10/03 8:7 p.m., 5 views

EUVD-2025-25741

Malicious code in bioql PyPI...

CVSS: 5.8 | AI score: 5 | EPSS: 0.00277
Exploits: 0 | References: 4

RedhatCVE
added 2025/09/24 7:29 a.m., 7 views

CVE-2025-10787

A vulnerability was found in MuYuCMS up to 2.7. Impacted is an unknown function of the file /index/index.html of the component Add Fiend Link Handler. Performing manipulation of the argument Link URL results in server-side request forgery. The attack may be initiated remotely. The exploit has bee...

CVSS: 6.5 | AI score: 6.6 | EPSS: 0.00239
Exploits: 0 | References: 1

NVD
added 2025/09/22 7:15 a.m., 4 views

CVE-2025-10787

A vulnerability was found in MuYuCMS up to 2.7. Impacted is an unknown function of the file /index/index.html of the component Add Fiend Link Handler. Performing manipulation of the argument Link URL results in server-side request forgery. The attack may be initiated remotely. The exploit has bee...

CVSS: 6.5 | EPSS: 0.00239
Exploits: 0 | References: 4

Positive Technologies
added 2025/09/22 12:0 a.m., 5 views

PT-2025-38694

Name of the Vulnerable Software and Affected Versions: MuYuCMS versions prior to 2.7. Description: A server-side request forgery condition exists in MuYuCMS. The issue is located in an unknown function within the /index/index.html file of the Add Fiend Link Handler component. Manipulation of the Lin...

CVSS: 6.5 | AI score: 6.3 | EPSS: 0.00239
Exploits: 0 | References: 7

CNNVD
added 2025/09/22 12:0 a.m., 5 views

MuYuCMS Security Vulnerability

MuYuCMS is a lightweight open source content management system open source by MuYuCMS. A security vulnerability exists in MuYuCMS 2.7 and earlier versions, which stems from the incorrect manipulation of the parameter Link URL of the component Add Fiend Link Handler in the file /index/index.html,...

CVSS: 6.5 | AI score: 6.3 | EPSS: 0.00239
Exploits: 0 | References: 4

Vulnrichment
added 2025/09/15 6:32 p.m., 2 views

CVE-2025-10472 harry0703 MoneyPrinterTurbo URL video.py stream_video path traversal

A vulnerability has been found in harry0703 MoneyPrinterTurbo up to 1.2.6. The impacted element is the function downloadvideo/streamvideo of the file app/controllers/v1/video.py of the component URL Handler. The manipulation of the argument filepath leads to path traversal. The attack can be...

CVSS: 6.9 | AI score: 6.6 | EPSS: 0.00776
Exploits: 1 | References: 4

RedhatCVE
added 2025/08/30 6:21 p.m., 3 views

CVE-2025-9414

A vulnerability was found in kalcaddle kodbox 1.61. Affected by this vulnerability is an unknown functionality of the file /?explorer/upload/serverDownload of the component Download from Link Handler. Performing manipulation of the argument url results in server-side request forgery. Remote...

CVSS: 5.8 | AI score: 4.8 | EPSS: 0.00277
Exploits: 0 | References: 1

Tenable Nessus
added 2025/08/30 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2017-17520

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tools/urlhandler.pl in TIN 2.4.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote...

CVSS: 8.8 | AI score: 8.5 | EPSS: 0.01896
Exploits: 0 | References: 2

OSV
added 2025/08/19 6:26 p.m., 7 views

CVE-2025-55733 DeepChat One-click Remote Code Execution through Custom URL Handling

DeepChat is a smart assistant that connects powerful AI to your personal world. DeepChat before 0.3.1 has a one-click remote code execution vulnerability. An attacker can exploit this vulnerability by embedding a specially crafted deepchat: URL on any website, including a malicious one they...

CVSS: 9.6 | AI score: 7.8 | EPSS: 0.00629
Exploits: 1 | References: 4

Vulnrichment
added 2025/08/11 5:59 p.m., 2 views

CVE-2025-54063 Cherry Studio One-click Remote Code Execution Vulnerability through Custom URL Handling

Cherry Studio is a desktop client that supports for multiple LLM providers. From versions 1.4.8 to 1.5.0, there is a one-click remote code execution vulnerability through the custom URL handling. An attacker can exploit this by hosting a malicious website or embedding a specially crafted URL on a...

CVSS: 8 | AI score: 8 | EPSS: 0.00708
Exploits: 1 | References: 3

OSV
added 2025/08/11 5:59 p.m., 4 views

CVE-2025-54063 Cherry Studio One-click Remote Code Execution Vulnerability through Custom URL Handling

Cherry Studio is a desktop client that supports for multiple LLM providers. From versions 1.4.8 to 1.5.0, there is a one-click remote code execution vulnerability through the custom URL handling. An attacker can exploit this by hosting a malicious website or embedding a specially crafted URL on a...

CVSS: 8 | AI score: 8 | EPSS: 0.00708
Exploits: 1 | References: 5

Tenable Nessus
added 2025/08/08 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2019-9794

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered where specific command line arguments are not properly discarded during Firefox invocation as a shell handler for URLs. This coul...

CVSS: 9.8 | AI score: 7.5 | EPSS: 0.01774
Exploits: 0 | References: 2

CNNVD
added 2025/08/02 12:0 a.m., 4 views

Cursor Operating System Command Injection Vulnerability

Cursor is an AI code editor from Cursor open source. An operating system command injection vulnerability exists in Cursor versions 1.17 through 1.2, which stems from an information disclosure in the MCP deep link handler that could lead to arbitrary system command execution...

CVSS: 9.6 | AI score: 7.4 | EPSS: 0.00329
Exploits: 0 | References: 3

BDU FSTEC
added 2025/07/25 12:0 a.m., 8 views

The vulnerability of the Link Handler component in the Mozilla Firefox browser allows a hacker to circumvent existing security restrictions.

The vulnerability of the Link Handler component in the Mozilla Firefox browser is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions remotely...

CVSS: 7.8 | AI score: 5.4 | EPSS: 0.0021
Exploits: 0 | References: 5 | Affected Software: 1

OSV
added 2025/04/16 1:15 p.m., 3 views

CVE-2025-3691

A vulnerability was found in mirweiye Seven Bears Library CMS 2023. It has been classified as problematic. Affected is an unknown function of the component Add Link Handler. The manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been...

CVSS: 5.3 | AI score: 4.8 | EPSS: 0.00463
Exploits: 1 | References: 4

Vulnrichment
added 2025/04/16 1:0 p.m., 11 views

CVE-2025-3691 mirweiye Seven Bears Library CMS Add Link server-side request forgery

A vulnerability was found in mirweiye Seven Bears Library CMS 2023. It has been classified as problematic. Affected is an unknown function of the component Add Link Handler. The manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been...

CVSS: 5.1 | AI score: 4.2 | EPSS: 0.00463
Exploits: 1 | References: 4

CNNVD
added 2025/04/16 12:0 a.m., 5 views

Seven Bears Library CMS Security Vulnerability

Seven Bears Library CMS is a content management system by mirweiye individual developer. A security vulnerability exists in Seven Bears Library CMS version 2023, which stems from the Add Link Handler component being susceptible to server-side request forgery attacks...

CVSS: 5.3 | AI score: 4.2 | EPSS: 0.00463
Exploits: 1 | References: 4

RedhatCVE
added 2025/04/10 4:15 a.m., 15 views

CVE-2025-3386

A vulnerability was found in LinZhaoguan pb-cms 2.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /adminlinks of the component Friendship Link Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The...

CVSS: 4.8 | AI score: 6.2 | EPSS: 0.003
Exploits: 1 | References: 1