Lucene search
+L

223 matches found

Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.22 views

PT-2026-23488

Name of the Vulnerable Software and Affected Versions Gogs versions prior to 0.14.2 Description Gogs, a self-hosted Git service, is affected by a DOM-Based Cross-Site Scripting XSS issue. An attacker can inject an HTML/JavaScript payload into a repository’s Milestone name. When another user selec...

9.9CVSS5.8AI score0.22162EPSS
Exploits70References137
OSV
OSV
added 2026/01/11 12:30 p.m.4 views

GHSA-M86R-WR74-693H AcademySoftwareFoundation OpenColorIO has an out-of-bounds vulnerability

A vulnerability was found in AcademySoftwareFoundation OpenColorIO up to 2.5.0. This issue affects the function ConvertToRegularExpression of the file src/OpenColorIO/FileRules.cpp. Performing a manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has...

4.8CVSS6.4AI score0.00165EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2026/01/09 12:29 p.m.5 views

CVE-2023-40816

OpenCRX version 5.2.0 is vulnerable to HTML injection via Activity Milestone Name Field...

6.1CVSS6.9AI score0.00463EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:28 a.m.11 views

CVE-2019-12429

An issue was discovered in GitLab Community and Enterprise Edition 11.9 through 11.11. Unprivileged users were able to access labels, status and merge request counts of confidential issues via the milestone details page. It has Improper Access Control...

6.5CVSS6.5AI score0.00926EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/06 12:0 a.m.8 views

PT-2026-1508

Name of the Vulnerable Software and Affected Versions GitHub Enterprise Server versions prior to 3.20 GitHub Enterprise Server versions 3.14.20 GitHub Enterprise Server versions 3.15.15 GitHub Enterprise Server versions 3.16.11 GitHub Enterprise Server versions 3.17.8 GitHub Enterprise Server...

8.4CVSS6.1AI score0.00182EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2025/12/17 11:3 a.m.15 views

CVE-2025-0836

Missing Authorization vulnerability in Milestone Systems XProtect VMS allows users with read-only access to Management Server to have full read/write access to MIP Webhooks API...

6.3CVSS6.9AI score0.00186EPSS
Exploits0References1
NVD
NVD
added 2025/12/16 11:15 a.m.5 views

CVE-2025-0836

Missing Authorization vulnerability in Milestone Systems XProtect VMS allows users with read-only access to Management Server to have full read/write access to MIP Webhooks API...

6.3CVSS0.00186EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/16 11:2 a.m.38 views

CVE-2025-0836 XProtect MIP API Missing Authorization

Missing Authorization vulnerability in Milestone Systems XProtect VMS allows users with read-only access to Management Server to have full read/write access to MIP Webhooks API...

6.3CVSS0.00186EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/16 11:2 a.m.3 views

CVE-2025-0836 XProtect MIP API Missing Authorization

Missing Authorization vulnerability in Milestone Systems XProtect VMS allows users with read-only access to Management Server to have full read/write access to MIP Webhooks API...

6.3CVSS6.5AI score0.00186EPSS
Exploits0References2
CVE
CVE
added 2025/12/16 11:2 a.m.15 views

CVE-2025-0836

CVE-2025-0836 – Milestone XProtect VMS is described as a Missing Authorization vulnerability where users with read-only access to the Management Server can obtain full read/write access to the MIP Webhooks API. The issue is documented across multiple feeds (NVD, Red Hat, ENISA EUVD, CVE and vendo...

6.3CVSS6.5AI score0.00186EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/16 12:0 a.m.6 views

Milestone Systems XProtect VMS 安全漏洞

Milestone Systems XProtect VMS is a video management software from Milestone Systems, USA. A security vulnerability exists in Milestone Systems XProtect VMS that stems from an authorization gap that could result in a read-only user gaining full read and write access to the MIP Webhooks API...

6.3CVSS6.7AI score0.00186EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/16 12:0 a.m.5 views

PT-2025-51471

Missing Authorization vulnerability in Milestone Systems XProtect VMS allows users with read-only access to Management Server to have full read/write access to MIP Webhooks API...

6.3CVSS6.9AI score0.00186EPSS
Exploits0References3
Wired Threat Level
Wired Threat Level
added 2025/10/10 9:15 a.m.4 views

Apple Announces $2 Million Bug Bounty Reward for the Most Dangerous Exploits

With the mercenary spyware industry booming, Apple VP Ivan Krstić tells WIRED that the company is also offering bonuses that could bring the max total reward for iPhone exploits to $5 million...

6.7AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2018-6513

Malware in sbrugna...

5.4CVSS5.8AI score0.0078EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2018-11185

Malware in sbrugna...

6.5CVSS6.8AI score0.00826EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-19603

Malware in sbrugna...

8.1CVSS8.2AI score0.04182EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-5543

Malware in sbrugna...

7.3CVSS6.1AI score0.00846EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.16 views

EUVD-2025-26642

Malicious code in bioql PyPI...

9.3CVSS6.4AI score0.01557EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-3017

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.00463EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-50965

Malicious code in bioql PyPI...

7.8CVSS7.5AI score0.00148EPSS
Exploits0References1
Rows per page
Query Builder