Lucene search
+L

94 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2020-28410

Malware in sbrugna...

8.8CVSS8.6AI score0.00616EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-16005

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00184EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-41065

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.0056EPSS
Exploits0References4
NVD
NVD
added 2025/08/26 11:15 a.m.7 views

CVE-2025-44002

Race Condition in the Directory Validation Logic in the TeamViewer Full Client and Host prior version 15.69 on Windows allows a local non-admin user to create arbitrary files with SYSTEM privileges, potentially leading to a denial-of-service condition, via symbolic link manipulation during...

6.1CVSS0.00092EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2017-16664

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Code injection exists in Kernel/System/Spelling.pm in Open Ticket Request System OTRS 5 before 5.0.24, 4 before 4.0.26, and 3.3 before 3.3.20. In the agent...

8.8CVSS7.8AI score0.02492EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2019-10067

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Open Ticket Request System OTRS 7.x through 7.0.6 and Community Edition 5.0.x through 5.0.35 and 6.0.x through 6.0.17. An attacker wh...

5.4CVSS5.7AI score0.01155EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/06/26 12:0 a.m.6 views

Trellix System Information Reporter 安全漏洞

Trellix System Information Reporter is a system information cell phone tool from Trellix USA. A security vulnerability exists in Trellix System Information Reporter 1.0.3 and earlier versions, which stems from a path or symbolic link manipulation issue that could lead to a system file overwrite...

7.2CVSS6.2AI score0.00143EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:14 p.m.9 views

CVE-2022-38482

A link-manipulation issue was discovered in Mega HOPEX 15.2.0.6110 before V5CP4...

4.3CVSS6.9AI score0.0056EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 4:7 a.m.91 views

Security Bulletin: IBM Cognos Analytics is affected by multiple vulnerabilities

Summary There are vulnerabilities in IBM® Java™, IBM WebSphere Application Server Liberty and Open-Source Software OSS components used by IBM Cognos Analytics. Additionally, IBM Cognos Analytics is vulnerable to Open URL Redirection and Link Manipulation vulnerabilities. For more information abou...

8.6CVSS10AI score0.36081EPSS
Exploits8Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/05 4:36 p.m.14 views

CVE-2020-7283

Privilege Escalation vulnerability in McAfee Total Protection MTP before 16.0.R26 allows local users to create and edit files via symbolic link manipulation in a location they would otherwise not have access to. This is achieved through running a malicious script or program on the target machine...

8.8CVSS6.5AI score0.00616EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/08/09 12:0 a.m.3 views

PT-2024-28456

Name of the Vulnerable Software and Affected Versions axios versions 1.3.2 through 1.7.3 Description The issue allows Server-Side Request Forgery SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs. This could lead to internal system access o...

7.5CVSS6.8AI score0.01414EPSS
Exploits1References51
Github Security Blog
Github Security Blog
added 2024/06/12 7:40 p.m.41 views

WooCommerce has a Cross-Site Scripting (XSS) Vulnerability in checkout & registration forms

Impact A vulnerability introduced in WooCommerce 8.8 allows for cross-site scripting. A bad actor can manipulate a link to include malicious HTML & JavaScript content. While the content is not saved to the database, the links may be sent to victims for malicious purposes. The injected JavaScript...

5.4CVSS5.3AI score0.00483EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2024/05/14 10:15 p.m.28 views

GHSA-XC3P-28HW-Q24G Grafana proxy Cross-site Scripting

Today we are releasing Grafana 8.3.5 and 7.5.15. This patch release includes MEDIUM severity security fix for XSS for Grafana. Release v.8.3.5, only containing security fixes: - Download Grafana 8.3.5 - Release notes Release v.7.5.15, only containing security fixes: - Download Grafana 7.5.15 -...

6.8CVSS6.9AI score0.02359EPSS
Exploits1References9
NVD
NVD
added 2024/01/09 2:15 p.m.29 views

CVE-2024-0206

A symbolic link manipulation vulnerability in Trellix Anti-Malware Engine prior to the January 2024 release allows an authenticated local user to potentially gain an escalation of privileges. This was achieved by adding an entry to the registry under the Trellix ENS registry folder with a symboli...

7.8CVSS7.3AI score0.00184EPSS
Exploits0References1
Prion
Prion
added 2024/01/09 2:15 p.m.18 views

Code injection

A symbolic link manipulation vulnerability in Trellix Anti-Malware Engine prior to the January 2024 release allows an authenticated local user to potentially gain an escalation of privileges. This was achieved by adding an entry to the registry under the Trellix ENS registry folder with a symboli...

4.3CVSS7.2AI score0.00184EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/01/09 12:56 p.m.59 views

CVE-2024-0206

CVE-2024-0206 affects Trellix Anti-Malware Engine prior to the January 2024 release. The root cause is a symbolic link in the Trellix ENS registry folder that a privileged, authenticated local user can create, which the Engine then follows after a scan, potentially removing files the user should ...

7.8CVSS7.7AI score0.00184EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/01/09 12:0 a.m.5 views

Trellix Anti-Malware Engine Backlink Vulnerability

Trellix Anti-Malware Engine is a security program from FireEye Trellix, Inc. Trellix Anti-Malware Engine version 6700 suffers from a back-link vulnerability that stems from the presence of a symbolic link manipulation vulnerability that allows privilege escalation by authenticated local users...

7.8CVSS6.6AI score0.00184EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/12/11 12:0 a.m.8 views

Hitachi System Management Unit Security Vulnerability

Hitachi System Management Unit is a device used to manage servers and clusters from Hitachi, Japan. A security vulnerability exists in Hitachi System Management Unit SMU versions prior to 14.8.7825.01, which stems from the component's susceptibility to information disclosure via URL manipulation,...

7.6CVSS6.4AI score0.01583EPSS
Exploits5References4
OSV
OSV
added 2023/10/25 6:17 p.m.9 views

CVE-2023-36085

The sisqualWFM 7.1.319.103 thru 7.1.319.111 for Android, has a host header injection vulnerability in its "/sisqualIdentityServer/core/" endpoint. By modifying the HTTP Host header, an attacker can change webpage links and even redirect users to arbitrary or malicious locations. This can lead to...

6.1CVSS5.9AI score0.00507EPSS
Exploits5References2
CNNVD
CNNVD
added 2023/10/25 12:0 a.m.5 views

SISQUAL WFM Input Validation Error Vulnerability

SISQUAL WFM is an intelligent software solution from SISQUAL WFM, Inc. enabling companies around the world to forecast, plan and manage their workforce. A security vulnerability exists in SISQUAL WFM versions 7.1.319.103 through 7.1.319.111, which stems from the presence of a Host Header Injectio...

6.1CVSS7AI score0.00507EPSS
Exploits5References3
Rows per page
Query Builder