Lucene search
K

208 matches found

CNNVD
CNNVD
added 2025/12/18 12:0 a.m.5 views

kroki 安全漏洞

kroki is an open source icon creation tool from Yuzu tech. A security vulnerability exists in kroki, which stems from an insufficient cleanup of the convert function, which could result in sending requests to arbitrary URLs and disclosing sensitive information...

8.7CVSS6.6AI score0.0025EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/17 12:0 a.m.4 views

AVideo 安全漏洞

AVideo is an open source broadcast network creation tool from World Wide Broadcast Network. A security vulnerability exists in AVideo versions prior to 20.0, which stems from multiple public API endpoints leaking absolute filesystem paths, potentially exposing the underlying filesystem structure...

7.5CVSS6.7AI score0.00731EPSS
Exploits2References5
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.6 views

PT-2025-50295

Name of the Vulnerable Software and Affected Versions Taguette versions prior to 1.5.2 Description Taguette is a qualitative research tool susceptible to an open redirect issue. Attackers can create malicious URLs that redirect authenticated users to arbitrary external websites. The application...

6.1CVSS5.9AI score0.00232EPSS
Exploits1References13
CNNVD
CNNVD
added 2025/11/26 12:0 a.m.6 views

Caido 注入漏洞

Caido is an application from Caido open source. Designed to help security professionals and enthusiasts audit web applications efficiently and easily. An injection vulnerability exists in versions prior to Caido 0.53.0 that stems from mishandling of the Markdown renderer, which could result in an...

4.3CVSS7.1AI score0.00181EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/26 12:0 a.m.6 views

Tutor 安全漏洞

Tutor is an Overhang.IO open source tool for deploying and managing the Open edX platform. A security vulnerability exists in Tutor version 20.0.2, which stems from the lack of proper cache control HTTP headers and client-side session checking, and could lead to a local unauthorized attacker...

3.3CVSS6.1AI score0.00195EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/11/19 12:0 a.m.11 views

PT-2025-47501

Name of the Vulnerable Software and Affected Versions Rallly versions prior to 4.5.4 Description Rallly is a scheduling and collaboration tool. An Insecure Direct Object Reference IDOR exists in the poll duplication endpoint /api/trpc/polls.duplicate. An authenticated user can bypass access...

6.5CVSS6.4AI score0.00218EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/11/07 12:0 a.m.8 views

Conda Constructor 安全漏洞

Conda Constructor is a Conda open source tool for creating installers from conda packages. A security vulnerability exists in Conda Constructor 3.12.2 and earlier versions, which stems from the installation directory inheriting parent directory permissions, which could lead to modification...

7.8CVSS6.2AI score0.00117EPSS
Exploits0References4
NVD
NVD
added 2025/10/20 8:15 p.m.5 views

CVE-2025-62528

Taguette is an open source qualitative research tool. An issue has been discovered in Taguette versions prior to 1.5.0. It was possible for a project member to put JavaScript in name or description fields which would run on project load. This issue has been patched in version 1.5.0...

5.4CVSS0.00161EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/20 8:3 p.m.6 views

EUVD-2025-35097

Taguette is an open source qualitative research tool. An issue has been discovered in Taguette versions prior to 1.5.0. It was possible for an attacker to request password reset email containing a malicious link, allowing the attacker to set the email if clicked by the victim. This issue has been...

7.1CVSS6.4AI score0.00231EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/10/17 12:0 a.m.5 views

Flowise 安全漏洞

Flowise is a FlowiseAI open source tool for easily building LLM applications. A security vulnerability exists in Flowise 3.0.4 and earlier versions, which stems from a Supabase RPC Filter field that is not cleaned and escaped from user input, which could lead to remote code execution...

6.5CVSS7.5AI score0.00581EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/10/17 12:0 a.m.9 views

DataEase 跨站脚本漏洞

DataEase is an open source data visualization and analysis tool from DataEase Open Source. It is used to help users quickly analyze data and gain insight into business trends to achieve business improvement and optimization. A cross-site scripting vulnerability exists in DataEase 2.10.13 and...

6.9CVSS6.3AI score0.0026EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2021-0002

Malware in sbrugna...

8.6CVSS8.6AI score0.01846EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-0649

Malware in sbrugna...

7.5CVSS7.5AI score0.0209EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-0077

Malware in sbrugna...

5.5CVSS5.6AI score0.00297EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/10/06 12:0 a.m.7 views

Flowise 安全漏洞

Flowise is a FlowiseAI open source tool for easily building LLM applications. A security vulnerability exists in Flowise versions prior to 3.0.5 that stems from an unfiltered IFRAME element and could lead to a cross-site scripting attack...

8.2CVSS5.8AI score0.13138EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-2886

Malicious code in bioql PyPI...

10CVSS6.5AI score0.00597EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-19715

Malicious code in bioql PyPI...

9.8CVSS6.5AI score0.00543EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2023-0128

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00659EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-0640

Malicious code in bioql PyPI...

8.2CVSS6.8AI score0.00539EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-26628

Malicious code in bioql PyPI...

6.3CVSS6.2AI score0.0052EPSS
Exploits0References3
Rows per page
Query Builder