Lucene search
K

113 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-27402

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01274EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-7777

Malicious code in bioql PyPI...

2.4CVSS6.6AI score0.00182EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-52533

Malicious code in bioql PyPI...

7.8CVSS7.7AI score0.00335EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/07/30 12:0 a.m.8 views

The vulnerability of the resize() and text() methods of the ImageMagick framework, which are used for developing web systems and CodeIgniter applications, allows attackers to load arbitrary files.

The vulnerability of the resize and text methods of the ImageMagick framework used for developing web systems and CodeIgniter applications relates to the lack of measures taken to neutralize special elements used in the operating system command line. Exploiting this vulnerability allows a remote...

10CVSS6AI score0.01508EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/06/05 5:48 a.m.5 views

BIT-JOOMLA-2025-25226 [20250401] - Joomla Framework - SQL injection vulnerability in quoteNameStr method of Database package

Improper handling of identifiers lead to a SQL injection vulnerability in the quoteNameStr method of the database package. Please note: the affected method is a protected method. It has no usages in the original packages in neither the 2.x nor 3.x branch and therefore the vulnerability in questio...

9.8CVSS7.5AI score0.00451EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 10:50 p.m.7 views

CVE-2022-30703

Trend Micro Security 2021 and 2022 Consumer is vulnerable to an exposed dangerous method vulnerability that could allow an attacker to obtain access to leaked kernel addresses and disclose sensitive information. This vulnerability could also potentially be chained for privilege escalation...

7.8CVSS6.6AI score0.00335EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:34 p.m.8 views

CVE-2010-2217

Adobe Flash Media Server FMS before 3.0.6, and 3.5.x before 3.5.4, allows attackers to execute arbitrary code via unspecified vectors, related to a "JS method vulnerability."...

10CVSS8AI score0.04521EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 9:20 p.m.7 views

CVE-2009-2386

Insecure method vulnerability in Awingsoft Awakening Winds3D Viewer plugin 3.5.0.0, 3.0.0.5, and possibly other versions allows remote attackers to force the download and execution of arbitrary files via the GetURL method...

9.3CVSS7.2AI score0.05115EPSS
Exploits3References1
Positive Technologies
Positive Technologies
added 2025/04/16 12:0 a.m.6 views

PT-2025-16862 · Unknown · Telecontrol Server Basic

Name of the Vulnerable Software and Affected Versions: TeleControl Server Basic versions prior to 3.1.2.2 Description: The issue allows an authenticated remote attacker to bypass authorization controls, read from and write to the application's database, and execute code with "NT...

9CVSS7.5AI score0.0049EPSS
Exploits0References6
Mageia
Mageia
added 2025/03/12 7:0 a.m.26 views

Updated python-django packages fix security vulnerability

An issue was discovered in Django 5.1 before 5.1.7, 5.0 before 5.0.13, and 4.2 before 4.2.20. The django.utils.text.wrap method and wordwrap template filter are subject to a potential denial-of-service attack when used with very long strings. CVE-2025-26699...

7.5CVSS6.8AI score0.00748EPSS
Exploits0References2
OSV
OSV
added 2025/02/24 6:32 p.m.5 views

GHSA-2CJ2-QQXJ-5M3R Phusion Passenger denial of service

The http parser in Phusion Passenger 6.0.21 through 6.0.25 before 6.0.26 allows a denial of service during parsing of a request with an invalid HTTP method...

5.3CVSS5.2AI score0.0057EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/09/18 12:0 a.m.8 views

PT-2024-11535 · Mautic · Mautic

Name of the Vulnerable Software and Affected Versions: Mautic affected versions not specified Description: The upgrade logic in Mautic's application update via an upgrade script is not properly shielded, potentially leading to a vulnerable situation. However, this issue is mitigated by the fact...

7.8CVSS6.8AI score0.00277EPSS
Exploits0References11
CNVD
CNVD
added 2024/08/14 12:0 a.m.4 views

TOTOLINK X5000R setSyslogCfg Method Command Injection Vulnerability

The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in TOTOLINK X5000R version v9.1.0cu.2350b20230313. The vulnerability stems from the setSyslogCfg method of /cgi-bin/cstecgi.cgi failing to properly filter construct command special...

8.8CVSS7.4AI score0.01647EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2024/07/19 12:0 a.m.6 views

The vulnerability of the Connect method of the SolarWinds Access Rights Manager software allows a perpetrator to execute arbitrary code.

The vulnerability of the Connect method in the SolarWinds Access Rights Manager software lies in improper restrictions on the path to the restricted directory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

9.6CVSS8.4AI score0.02539EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2024/07/01 12:0 a.m.29 views

CVE-2024-38953

phpok 6.4.003 contains a Cross Site Scripting XSS vulnerability in the okf method under the framework/api/uploadcontrol.php file...

0.00292EPSS
Exploits1References1
CNVD
CNVD
added 2024/06/12 12:0 a.m.4 views

Hazardous Method or Function Vulnerability Exposed by Siemens SINEC Traffic Analyzer

SINEC Traffic Analyzer is an on-premise application that monitors PNIO PROFINET IO communication between controllers and IO devices. The software detects PROFINET communication problems and reports them to the user via Web-UI. Siemens SINEC Traffic Analyzer has an exposed dangerous method or...

7.5CVSS6.9AI score0.0032EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/06/10 12:0 a.m.9 views

The vulnerability of the GetRulesetsSQL method in the Ivanti Endpoint Manager software for managing endpoints in information networks allows a hacker to execute arbitrary code.

The vulnerability of the GetRulesetsSQL method in the Ivanti Endpoint Manager software for managing endpoints in information networks relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a...

9CVSS8AI score0.08484EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2024/06/03 12:0 a.m.5 views

The vulnerability of the `BaproductzoommagnifierZoomModuleFrontController::run()` method in the Best Zoom Magnifier Effect module – BAZoom Magnifier, a open-source e-commerce web application for PrestaShop. This vulnerability allows an attacker to elevate their privileges and gain access to read, modify, or delete data.

The vulnerability of the BaproductzoommagnifierZoomModuleFrontController::run method in the Best Zoom Magnifier Effect – BAZoom Magnifier web application for e-commerce with open-source PrestaShop is related to the lack of protective measures for the SQL query structure. Exploiting this...

10CVSS7.8AI score0.00748EPSS
Exploits1References2Affected Software1
CNVD
CNVD
added 2024/04/22 12:0 a.m.2 views

Tenda AC500 formexeCommand Method Command Injection Vulnerability

Tenda AC500 is the wireless controller device introduced, designed for small and medium-sized businesses, with support for managing wireless networks across VLANs. Tenda AC500 suffers from a command injection vulnerability that stems from the cmdinput parameter of the formexeCommand method failin...

3.8CVSS7.6AI score0.01028EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/04/08 12:0 a.m.3 views

TOTOLINK EX200 安全漏洞

TOTOLINK EX200 is a wireless N range extender from China Gion Electronics TOTOLINK , which is mainly used to extend the coverage of the existing Wi-Fi network and solve the problem of signal blind zones. TOTOLINK EX200 suffers from an information disclosure vulnerability that stems from improper...

6.5CVSS6.3AI score0.00343EPSS
Exploits0References2
Rows per page
Query Builder