Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2097 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-19860

Malicious code in bioql PyPI...

8.8CVSS6.4AI score0.03343EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-23572

Malicious code in bioql PyPI...

7.7CVSS6.3AI score0.00382EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2025-15051

Malicious code in bioql PyPI...

8.8CVSS9AI score0.02081EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2022-3622

Malicious code in bioql PyPI...

4CVSS6.3AI score0.00199EPSS
Exploits0References7
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2025-21413

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.02664EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2025-19131

Malicious code in bioql PyPI...

8.1CVSS8AI score0.00948EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2025-20431

Malicious code in bioql PyPI...

8.8CVSS6.3AI score0.0172EPSS
Exploits0References1
Github Security Blog
Github Security Blogadded 2025/10/01 9:21 p.m.8 views

Auth0 Wordpress plugin Does Not Properly Handle File Types in Bulk User Import

Overview In applications built with the Auth0-PHP SDK, the Bulk User Import endpoint does not validate the file path wrapper or value. Without proper validation, affected applications may accept arbitrary file paths or URLs. Am I affected? You are affected by this vulnerability if you meet the...

3.3CVSS7.1AI score0.00102EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blogadded 2025/10/01 9:20 p.m.6 views

auth0-PHP SDK Does Not Properly Handle File Types in Bulk User Import

Overview In applications built with the Auth0-PHP SDK, the Bulk User Import endpoint does not validate the file path wrapper or value. Without proper validation, affected applications may accept arbitrary file paths or URLs. Am I affected? You are affected by this vulnerability if you meet the...

3.3CVSS7.1AI score0.00102EPSS
Exploits0References8Affected Software1
NVD
NVDadded 2025/10/01 8:18 p.m.9 views

CVE-2025-58769

auth0-PHP is an SDK for Auth0 Authentication and Management APIs. In versions 3.3.0 through 8.16.0, the Bulk User Import endpoint in applications built with the SDK does not validate the file-path wrapper or value. Without proper validation, affected applications may accept arbitrary file paths o...

3.3CVSS0.00102EPSS
Exploits0References6
OSV
OSVadded 2025/10/01 7:57 p.m.6 views

CVE-2025-58769 auth0-PHP: Improper File Type Handling in Bulk User Import

auth0-PHP is an SDK for Auth0 Authentication and Management APIs. In versions 3.3.0 through 8.16.0, the Bulk User Import endpoint in applications built with the SDK does not validate the file-path wrapper or value. Without proper validation, affected applications may accept arbitrary file paths o...

3.3CVSS6.7AI score0.00102EPSS
Exploits0References8
Cvelist
Cvelistadded 2025/10/01 7:57 p.m.21 views

CVE-2025-58769 auth0-PHP: Improper File Type Handling in Bulk User Import

auth0-PHP is an SDK for Auth0 Authentication and Management APIs. In versions 3.3.0 through 8.16.0, the Bulk User Import endpoint in applications built with the SDK does not validate the file-path wrapper or value. Without proper validation, affected applications may accept arbitrary file paths o...

3.3CVSS0.00102EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2025/10/01 12:0 a.m.2 views

PT-2025-40296

Name of the Vulnerable Software and Affected Versions auth0-PHP versions 3.3.0 through 8.16.0 Description The Bulk User Import endpoint does not validate file path wrappers or values, potentially allowing acceptance of arbitrary file paths or URLs. This affects applications directly using the...

3.3CVSS6.8AI score0.00102EPSS
Exploits0References21
NVD
NVDadded 2025/09/26 7:15 a.m.2 views

CVE-2025-10307

The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete backup functionality in all versions up to, and including, 1.4.8. This makes it possible for authenticated attackers, with...

6.5CVSS0.0331EPSS
Exploits0References2
CVE
CVEadded 2025/09/26 6:43 a.m.16 views

CVE-2025-10307

CVE-2025-10307 – Backuply WordPress plugin . Affected: Backuply – Backup, Restore, Migrate and Clone (all versions up to 1.4.8). Root cause: insufficient validation of file paths in the delete backup feature, enabling an authenticated attacker with Administrator+ privileges to delete arbitrary se...

6.5CVSS7AI score0.0331EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/09/26 6:43 a.m.1 views

CVE-2025-10307 Backuply – Backup, Restore, Migrate and Clone <= 1.4.8 - Authenticated (Admin+) Arbitrary File Deletion

The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete backup functionality in all versions up to, and including, 1.4.8. This makes it possible for authenticated attackers, with...

6.5CVSS7AI score0.0331EPSS
Exploits0References2
Cvelist
Cvelistadded 2025/09/26 6:43 a.m.5 views

CVE-2025-10307 Backuply – Backup, Restore, Migrate and Clone <= 1.4.8 - Authenticated (Admin+) Arbitrary File Deletion

The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete backup functionality in all versions up to, and including, 1.4.8. This makes it possible for authenticated attackers, with...

6.5CVSS0.0331EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/09/26 12:0 a.m.2 views

PT-2025-39517

Name of the Vulnerable Software and Affected Versions Backuply – Backup, Restore, Migrate and Clone plugin for WordPress versions through 1.4.8 Description The Backuply plugin for WordPress is susceptible to arbitrary file deletion because of inadequate file path validation within the delete back...

6.5CVSS7.5AI score0.0331EPSS
Exploits0References6
SUSE CVE
SUSE CVEadded 2025/09/25 11:28 p.m.1 views

SUSE CVE-2025-9079

Mattermost versions 10.8.x = 10.8.3, 10.5.x = 10.5.8, 9.11.x = 9.11.17, 10.10.x = 10.10.1, 10.9.x = 10.9.3 fail to validate import directory path configuration which allows admin users to execute arbitrary code via malicious plugin upload to prepackaged plugins directory...

7.2CVSS8.1AI score0.00076EPSS
Exploits0References2
OSV
OSVadded 2025/09/25 8:47 a.m.4 views

BIT-MLFLOW-2025-52967

gatewayproxyhandler in MLflow before 3.1.0 lacks gatewaypath validation...

5.8CVSS7AI score0.00247EPSS
Exploits0References4
Rows per page
Query Builder