Lucene search
K

83 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-48375

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00859EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-6627

Malicious code in bioql PyPI...

6.5CVSS9.2AI score0.00347EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2022-52538

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.03266EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-1127

Malicious code in bioql PyPI...

9.1CVSS9AI score0.00972EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-38626

Malicious code in bioql PyPI...

6.7CVSS6.7AI score0.00318EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-0342

Malicious code in bioql PyPI...

5.3CVSS5.3AI score0.0129EPSS
Exploits1References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-47869

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.01521EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/08/25 12:0 a.m.12 views

PT-2025-34595 · Mitsubishi · Melsec Iq-F Series Cpu Module

Name of the Vulnerable Software and Affected Versions: Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module affected versions not specified Description: An improper handling of a length parameter inconsistency exists in the web server function of the product. This allows a remote,...

5.3CVSS7AI score0.00546EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2025/08/06 5:6 p.m.11 views

tmp allows arbitrary temporary file / directory write via symbolic link `dir` parameter

Summary [email protected] is vulnerable to an Arbitrary temporary file / directory write via symbolic link dir parameter. Details According to the documentation there are some conditions that must be held: // https://github.com/raszi/node-tmp/blob/v0.2.3/README.md?plain=1L41-L50 Other breaking changes,...

5.3CVSS6.3AI score0.00309EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2025/07/11 5:10 p.m.28 views

CVE-2025-43856 immich allows account hijacking through oauth2

immich is a high performance self-hosted photo and video management solution. Prior to 1.132.0, immich is vulnerable to account hijacking through oauth2, because the state parameter is not being checked. The oauth2 state parameter is similar to a csrf token, so when the user starts the login flow...

7.3CVSS0.00325EPSS
Exploits0References1
CVE
CVE
added 2025/07/10 11:25 p.m.29 views

CVE-2025-53515

Advantech iView is affected by CVE-2025-53515. The vulnerability exists in NetworkServlet.archiveTrap() and enables SQL injection with remote code execution. An authenticated attacker with at least user-level privileges can exploit insufficient input sanitization to perform SQL injection and pote...

8.8CVSS8.1AI score0.005EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2025/06/23 12:0 a.m.4 views

Dromara MaxKey 代码问题漏洞

Dromara MaxKey is an IAM-IDaas identity management and authentication product from Dromara open source. A code issue vulnerability exists in Dromara MaxKey version 4.1.7 and earlier, which stems from a misbehavior of the parameter post, leading to server-side request forgery...

9.8CVSS6.7AI score0.00423EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/06/19 2:26 a.m.8 views

CVE-2025-5673

The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to SQL Injection via the ‘prgSortPostType’ parameter in all versions up to, and including, 8.4.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQ...

6.5CVSS6.4AI score0.00261EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/29 12:0 a.m.4 views

mccms 代码问题漏洞

mccms Man City CMS is a rapid website building system for individual developers of China Smokey River South chshcms. A code issue vulnerability exists in version 2.7 of mccms, which stems from improper handling of the pic parameter in the file sys/apps/controllers/api/Gf.php, which may lead to...

8.8CVSS6.6AI score0.00428EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/23 5:30 a.m.10 views

CVE-2023-41559

Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42multi, and Tenda AC5 V1.0RTLV15.03.06.28 were discovered to contain a stack overflow via parameter page at url /goform/NatStaticSetting...

9.8CVSS8AI score0.00701EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:9 a.m.7 views

CVE-2023-38889

An issue in Alluxio v.2.9.3 and before allows an attacker to execute arbitrary code via a crafted script to the username parameter of lluxio.util.CommonUtils.getUnixGroupsjava.lang.String...

9.8CVSS7.6AI score0.00985EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 1:6 a.m.17 views

CVE-2022-46934

kkFileView v4.1.0 was discovered to contain a cross-site scripting XSS vulnerability via the url parameter at /controller/OnlinePreviewController.java...

6.1CVSS6.1AI score0.01084EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 12:6 a.m.10 views

CVE-2022-25396

Cosmetics and Beauty Product Online Store v1.0 was discovered to contain a SQL injection vulnerability via the search parameter...

9.8CVSS8.3AI score0.0122EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:54 p.m.3 views

CVE-2022-32404

Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/inmates/manageinmate.php:3...

8.8CVSS8.3AI score0.01171EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:47 p.m.12 views

CVE-2022-45509

Tenda W30E V1.0.1.25633 was discovered to contain a stack overflow via the account parameter at /goform/addUserName...

7.5CVSS7.8AI score0.00859EPSS
Exploits1References1
Rows per page
Query Builder