Lucene search
K

32 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-31152

Malicious code in bioql PyPI...

6.1CVSS6.6AI score0.0035EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-31153

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00495EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-31142

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00402EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/09/26 12:52 a.m.13 views

CVE-2025-29155

An issue in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via the DELETE endpoint...

6.5CVSS8AI score0.00402EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/26 12:52 a.m.17 views

CVE-2025-29157

An issue in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via accessing a non-existent endpoint/cart, the server returns a 404-error page exposing sensitive information including the Servlet name default and server version...

6.5CVSS7.8AI score0.00495EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/09/26 12:52 a.m.10 views

CVE-2025-29156

Cross Site Scripting vulnerability in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via a crafted script to the /api/v3/pet...

6.1CVSS7AI score0.0035EPSS
Exploits0References1
NVD
NVD
added 2025/09/25 7:15 p.m.15 views

CVE-2025-29157

An issue in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via accessing a non-existent endpoint/cart, the server returns a 404-error page exposing sensitive information including the Servlet name default and server version...

6.5CVSS0.00495EPSS
Exploits1References3
OSV
OSV
added 2025/09/25 7:15 p.m.5 views

CVE-2025-29156

Cross Site Scripting vulnerability in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via a crafted script to the /api/v3/pet...

6.1CVSS6.1AI score0.0035EPSS
Exploits0References3
OSV
OSV
added 2025/09/25 7:15 p.m.5 views

CVE-2025-29157

An issue in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via accessing a non-existent endpoint/cart, the server returns a 404-error page exposing sensitive information including the Servlet name default and server version...

6.5CVSS6.1AI score0.00495EPSS
Exploits1References3
NVD
NVD
added 2025/09/25 7:15 p.m.6 views

CVE-2025-29156

Cross Site Scripting vulnerability in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via a crafted script to the /api/v3/pet...

6.1CVSS0.0035EPSS
Exploits0References3
NVD
NVD
added 2025/09/25 6:15 p.m.12 views

CVE-2025-29155

An issue in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via the DELETE endpoint...

6.5CVSS0.00402EPSS
Exploits0References3
OSV
OSV
added 2025/09/25 6:15 p.m.4 views

CVE-2025-29155

An issue in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via the DELETE endpoint...

6.5CVSS6.1AI score0.00402EPSS
Exploits0References3
CVE
CVE
added 2025/09/25 12:0 a.m.18 views

CVE-2025-29156

The CVE-2025-29156 entry concerns the Swagger Petstore sample (petstore) software, version 1.0.7, with a Cross Site Scripting (XSS) vulnerability in the /api/v3/pet endpoint. The root cause is input handling that allows crafted scripts to be processed, enabling a remote attacker to execute arbitr...

6.1CVSS6.7AI score0.0035EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2025/09/25 12:0 a.m.22 views

CVE-2025-29157

CVE-2025-29157 concerns the Swagger Petstore sample (version 1.0.7). The issue occurs when an attacker accesses a non-existent endpoint like /cart, causing the server to return a 404 error page that reveals sensitive information, including the servlet name (default) and server version. The descri...

6.5CVSS7.4AI score0.00495EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/09/25 12:0 a.m.3 views

CVE-2025-29155

An issue in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via the DELETE endpoint...

7.6AI score0.00402EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/09/25 12:0 a.m.16 views

PT-2025-39440

Name of the Vulnerable Software and Affected Versions petstore version 1.0.7 Description An issue allows a remote attacker to execute arbitrary code by accessing a non-existent endpoint /cart. The server responds with a 404-error page that reveals sensitive information, including the Servlet name...

6.5CVSS7.4AI score0.00495EPSS
Exploits1References8
Vulnrichment
Vulnrichment
added 2025/09/25 12:0 a.m.3 views

CVE-2025-29156

Cross Site Scripting vulnerability in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via a crafted script to the /api/v3/pet...

6.7AI score0.0035EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/09/25 12:0 a.m.5 views

Swagger Petstore Sample 安全漏洞

Swagger Petstore Sample is a sample petstore system in the Swagger open source. A security vulnerability exists in Swagger Petstore Sample version 1.0.7, which stems from a server returning a 404 error page and exposing sensitive information when accessing a non-existent endpoint or shopping cart...

6.5CVSS7.7AI score0.00495EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/09/25 12:0 a.m.8 views

Swagger Petstore Sample 安全漏洞

Swagger Petstore Sample is a sample petstore system in the Swagger open source. A security vulnerability exists in Swagger Petstore Sample version 1.0.7 that stems from the DELETE endpoint not properly validating input, which could lead to remote code execution...

6.5CVSS7.7AI score0.00402EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/09/25 12:0 a.m.12 views

CVE-2025-29156

Cross Site Scripting vulnerability in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via a crafted script to the /api/v3/pet...

0.0035EPSS
Exploits0References3
Rows per page
Query Builder