Lucene search
K

68 matches found

OSV
OSV
added 2026/04/13 12:0 a.m.9 views

ALSA-2026:7670 Important: nodejs:24 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Nodejs denial of service CVE-2026-21637 minimatch: minimatch: Denial of Service via specially crafted glob patterns CVE-2026-26996 undici:...

9.8CVSS5.8AI score0.26356EPSS
Exploits1References36
Positive Technologies
Positive Technologies
added 2026/02/22 12:0 a.m.3 views

PT-2026-21437

microASP Portal+ CMS contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the explode tree parameter. Attackers can send crafted requests to pagina.phtml with SQL injection payloads using extractvalue and...

8.8CVSS6.2AI score0.00346EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/30 4:4 p.m.4 views

EUVD-2025-205817

Discourse is an open source discussion platform. Prior to versions 3.5.3, 2025.11.1, and 2025.12.0, an attacker who knows part of a username can find the user and their full name via UI or API, even when enablenames is disabled. Versions 3.5.3, 2025.11.1, and 2025.12.0 contain a fix...

6.3CVSS6.3AI score0.00242EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/30 12:0 a.m.3 views

Discourse 安全漏洞

Discourse is an open source community discussion platform from Discourse Open Source. The platform includes features such as communities, email, and chat rooms. A security vulnerability exists in Discourse versions prior to 3.5.3, prior to 2025.11.1, and prior to 2025.12.0, which stems from an...

6.3CVSS5.8AI score0.00242EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/11/15 12:0 a.m.4 views

GitLab 安全漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. A security vulnerability exists in GitLab CE and EE versions 17.6 through befo...

4.3CVSS6.5AI score0.00317EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-1248

Malware in sbrugna...

3.5CVSS4.6AI score0.00724EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-13134

Malware in sbrugna...

5.3CVSS5.5AI score0.01049EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-2524

Malicious code in bioql PyPI...

5.3CVSS5.4AI score0.00628EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-3601

Malicious code in bioql PyPI...

3.3CVSS4.5AI score0.00104EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-29300

Malicious code in bioql PyPI...

5.3CVSS5.4AI score0.01127EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-42754

Malicious code in bioql PyPI...

3.7CVSS4.5AI score0.00795EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-3375

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab affecting all versions starting from 11.10 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions...

3.7CVSS4.9AI score0.00795EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2020-6812

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The first time AirPods are connected to an iPhone, they become named after the user's name by default e.g. Jane Doe's AirPods. Websites with camera or microphon...

5.3CVSS7.3AI score0.01561EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/07/23 2:25 p.m.17 views

git: Git does not sanitize URLs when asking for credentials interactively

A flaw was found in Git. This vulnerability occurs when Git requests credentials via a terminal prompt, for example, without the use of a credential helper. During this process, Git displays the host name for which the credentials are needed, but any URL-encoded parts are decoded and displayed...

4.7CVSS7.2AI score0.00643EPSS
Exploits0References7
NVD
NVD
added 2025/07/01 7:15 p.m.14 views

CVE-2025-6600

An exposure of sensitive information vulnerability was identified in GitHub Enterprise Server that could allow an attacker to disclose the names of private repositories within an organization. This issue could be exploited by leveraging a user-to-server token with no scopes via the Search API...

6.3CVSS0.00275EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:0 a.m.4 views

CVE-2023-1562

Mattermost fails to check the "Show Full Name" setting when rendering the result for the /plugins/focalboard/api/v2/users API call, allowing an attacker to learn the full name of a board owner...

4.3CVSS6.9AI score0.00464EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:49 p.m.7 views

CVE-2021-42326

Redmine before 4.1.5 and 4.2.x before 4.2.3 may disclose the names of users on activity views due to an insufficient access filter...

5.3CVSS6.7AI score0.01127EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 10:9 a.m.7 views

CVE-2019-19800

Zoho ManageEngine Applications Manager 14 before 14520 allows a remote unauthenticated attacker to disclose OS file names via FailOverHelperServlet...

5.3CVSS7AI score0.03893EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/12 5:28 a.m.9 views

CVE-2024-13374 WP Table Manager <= 4.1.3 - Missing Authorization to Authenticated (Subscriber+) Directory Traversal to Folder/File Name Disclosure

The WP Table Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on thewptmgetFolders AJAX action in all versions up to, and including, 4.1.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read...

4.3CVSS4.4AI score0.00284EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/08/14 12:0 a.m.3 views

F5 BIG-IP 安全漏洞

F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, and load balancing from F5 USA. A security vulnerability exists in F5 BIG-IP that stems from an undisclosed request that could result in the disclosure of information about a...

5.3CVSS6.2AI score0.00301EPSS
Exploits0References3
Rows per page
Query Builder