Lucene search

11 matches found

EUVD
added 2026/06/23 2:25 p.m. · 7 views

EUVD-2026-38451

FOSSBilling is a free, open-source billing and client management system. Starting in version 0.5.4 and prior to version 0.8.0, an authorization bypass in the API role handling allows unauthenticated access to privileged /api/system/ endpoints. Because system resolves to the cron admin identity,...

10 CVSS · 5.9 AI score · 0.00408 EPSS
Exploits 0 · References 3
Positive Technologies
added 2026/06/23 12:0 a.m. · 10 views

PT-2026-51521

Name of the Vulnerable Software and Affected Versions: FOSSBilling versions 0.5.4 through 0.7.x. Description: An authorization bypass in the API role handling allows unauthenticated access to privileged '/api/system/' endpoints. Because system resolves to the cron admin identity, attackers can invok...

10 CVSS · 5.9 AI score · 0.00408 EPSS
Exploits 0 · References 5
GithubExploit
added 2026/04/28 10:2 p.m. · 113 views

Exploit for Command Injection in Github Enterprise_Server

ExploitCVE-2026-3854 CVE-2026-3854 is a Remote Code Executio...

8.8 CVSS · 6 AI score · 0.24462 EPSS
Exploits 5
Positive Technologies
added 2026/02/03 12:0 a.m. · 9 views

PT-2026-6030

Name of the Vulnerable Software and Affected Versions: Django versions prior to 6.0.2; Django versions prior to 5.2.11; Django versions prior to 4.2.28; Django versions 5.0.x and earlier; Django versions 4.1.x and earlier; Django versions 3.2.x and earlier. Description: A SQL injection flaw exists in...

9.3 CVSS · 7.7 AI score · 0.09436 EPSS
Exploits 1 · References 80
Cvelist
added 2025/09/17 1:17 p.m. · 8 views

CVE-2025-59476

Jenkins 2.527 and earlier, LTS 2.516.2 and earlier does not restrict or transform the characters that can be inserted from user-specified content in log messages, allowing attackers able to control log message contents to insert line break characters, followed by forged log messages that may...

0.00335 EPSS
Exploits 0 · References 1
The Hacker News
added 2025/08/27 9:39 a.m. · 4 views

Salesloft OAuth Breach via Drift AI Chat Agent Exposes Salesforce Customer Data

A widespread data theft campaign has allowed hackers to breach sales automation platform Salesloft to steal OAuth and refresh tokens associated with the Drift artificial intelligence (AI) chat agent. The activity, assessed to be opportunistic in nature, has been attributed to a threat actor tracked...

6.9 AI score
Exploits 0
PyPA
added 2024/10/24 10:15 p.m. · 5 views

PYSEC-2024-191

The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Prior to version 3.12.3, when the logging level was set by the user to DEBUG, the Connector could have logged Duo passcodes when specified...

5.5 CVSS · 6.6 AI score · 0.00203 EPSS
Exploits 0 · References 2 · Affected Software 1
Debian CVE
added 2023/01/24 12:0 a.m. · 23 views

CVE-2022-3902

Removed by vendor...

6.4 CVSS · 6.6 AI score · 0.00719 EPSS
Exploits 1
Positive Technologies
added 2023/01/24 12:0 a.m. · 3 views

PT-2023-13670 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions 9.3 through 15.4.5; GitLab versions 15.5 through 15.5.4; GitLab versions 15.6 through 15.6.0. Description: An issue in GitLab allows a project maintainer to unmask webhook secret tokens by reviewing the logs after testing webhook...

6.4 CVSS · 6 AI score · 0.00719 EPSS
Exploits 1 · References 10
ICS
added 2020/05/21 12:0 p.m. · 151 views

Detecting Citrix CVE-2019-19781

Summary: Unknown cyber network exploitation (CNE) actors have successfully compromised numerous organizations that employed vulnerable Citrix devices through a critical vulnerability known as CVE-2019-19781.[1] Though mitigations were released on the same day Citrix announced CVE-2019-19781,...

9.8 CVSS · 10 AI score · 0.99999 EPSS
Exploits 48 · References 46
securityvulns
added 2008/03/09 12:0 a.m. · 34 views

F5 BIG-IP Web Management Console XSS

F5 BIG-IP Web Management Console XSS Product: F5 BIG-IP http://www.f5.com/products/big-ip/ The F5 BIG-IP web management interface contains a potentially persistent cross-site scripting vulnerability in the "Console" feature. Output from executed console commands is wrapped in textarea intentional...

0.9 AI score
Exploits 0