Lucene search
K

88 matches found

OSV
OSV
added 2025/11/18 2:24 p.m.2 views

CVE-2025-10158 Rsync: Out of bounds array access via negative index

A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a negative array index. The malicious rsync client requires at least read access to the remote rsync module in order to trigger the issue...

4.3CVSS6AI score0.00289EPSS
Exploits0References4
Gitee
Gitee
added 2025/11/04 1:52 p.m.154 views

autottp

This is a Python wrapper for the PowerShell Empire API, a framework for penetration testing and red teaming. The wrapper provides a simple interface to interact with the Empire API, allowing users to automate tasks and sequences of actions. The wrapper is feature complete as of Empire 1.5.0 and...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2013-4108

Malware in sbrugna...

6.5CVSS6.5AI score0.01451EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2008-4136

Malware in sbrugna...

5CVSS6.4AI score0.01256EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2002-0182

Malware in sbrugna...

7.5CVSS6.3AI score0.04166EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-11945

Malware in sbrugna...

9.8CVSS9.2AI score0.00711EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2009-2073

Malware in sbrugna...

4CVSS6.4AI score0.00992EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-7160

Malware in sbrugna...

3.5CVSS6.4AI score0.00981EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2008-6107

Malware in sbrugna...

7.5CVSS6.4AI score0.01355EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2008-4577

Malware in sbrugna...

7.5CVSS6.3AI score0.01345EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-48475

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.00382EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-8661

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00889EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-26125

Malicious code in bioql PyPI...

4.3CVSS6.3AI score0.00225EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-34962

Malicious code in bioql PyPI...

7.5CVSS7.4AI score0.0105EPSS
Exploits0References1
OSV
OSV
added 2025/09/09 9:31 a.m.3 views

GHSA-2FHW-2J7M-MR4M TYPO3 backend modules have Broken Access Control

Missing authorization checks in the Backend Routing of TYPO3 CMS versions 9.0.0‑9.5.54, 10.0.0‑10.4.53, 11.0.0‑11.5.47, 12.0.0‑12.4.36, and 13.0.0‑13.4.17 allow backend users to directly invoke AJAX backend routes without having access to the corresponding backend modules...

5.3CVSS6.9AI score0.00276EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2025/09/09 9:1 a.m.1 views

CVE-2025-59017 Broken Access Control in Backend AJAX Routes

Missing authorization checks in the Backend Routing of TYPO3 CMS versions 9.0.0‑9.5.54, 10.0.0‑10.4.53, 11.0.0‑11.5.47, 12.0.0‑12.4.36, and 13.0.0‑13.4.17 allow backend users to directly invoke AJAX backend routes without having access to the corresponding backend modules...

5.3CVSS6.4AI score0.00276EPSS
Exploits0References1
CVE
CVE
added 2025/09/09 9:1 a.m.16 views

CVE-2025-59017

CVE-2025-59017 reports missing authorization checks in TYPO3 CMS backend routing: backend users can directly invoke AJAX backend routes without access to the corresponding backend modules. Affected versions are 9.0.0–9.5.54, 10.0.0–10.4.53, 11.0.0–11.5.47, 12.0.0–12.4.36, and 13.0.0–13.4.17. The ...

8.8CVSS6.3AI score0.00276EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2025/09/09 12:15 a.m.5 views

CVE-2025-10113

A security vulnerability has been detected in itsourcecode Student Information Management System 1.0. This affects an unknown function of the file /admin/modules/room/index.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has...

9.8CVSS0.00387EPSS
Exploits1References5
NVD
NVD
added 2025/08/28 5:15 p.m.6 views

CVE-2025-57758

Contao is an Open Source CMS. In versions starting from 5.0.0 and prior to 5.3.38 and 5.6.1, the table access voter in the back end doesn't check if a user is allowed to access the corresponding module. This issue has been patched in versions 5.3.38 and 5.6.1. A workaround involves not relying...

4.3CVSS0.00225EPSS
Exploits0References3
Snyk
Snyk
added 2025/08/28 4:46 p.m.4 views

Incorrect Authorization

Overview contao/core-bundle is an Open Source PHP Content Management System for people who want a professional website that is easy to maintain. Affected versions of this package are vulnerable to Incorrect Authorization due to table access voter improper verification of a user permissions to...

5.3CVSS6.9AI score0.00225EPSS
Exploits0References2
Rows per page
Query Builder