Lucene search
K

42 matches found

EUVD
EUVD
added 2026/07/01 12:34 a.m.8 views

EUVD-2026-40768

Insufficient policy enforcement in DevTools in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension. Chromium security severity: Low...

5.8AI score0.00175EPSS
Exploits0References3
CVE
CVE
added 2026/06/30 9:6 p.m.20 views

CVE-2026-58448

CVE-2026-58448 affects yudao-cloud (BPM module) prior to 2026.06. A broken access control flaw allows any authenticated user to read arbitrary process instance records by supplying a caller-controlled process-instance identifier to an unprotected GET endpoint that lacks the @PreAuthorize annotati...

7.1CVSS5.9AI score0.00235EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/30 9:6 p.m.38 views

CVE-2026-58448 yudao-cloud < 2026.06 - BPM Module Broken Access Control via process-instance API

yudao-cloud before 2026.06 contains a broken access control vulnerability in the BPM module that allows any authenticated user to access arbitrary process instance records by supplying a caller-controlled process-instance identifier to an unprotected endpoint lacking the @PreAuthorize annotation...

7.1CVSS0.00235EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/30 9:6 p.m.6 views

CVE-2026-58448 yudao-cloud < 2026.06 - BPM Module Broken Access Control via process-instance API

yudao-cloud before 2026.06 contains a broken access control vulnerability in the BPM module that allows any authenticated user to access arbitrary process instance records by supplying a caller-controlled process-instance identifier to an unprotected endpoint lacking the @PreAuthorize annotation...

7.1CVSS5.9AI score0.00235EPSS
Exploits0References3
NVD
NVD
added 2026/06/22 10:16 a.m.19 views

CVE-2023-45796

A stored cross-site scripting vulnerability in the Runtime component of Pilz PASvisu before 1.14.1 and PMI v8xx up to and including 2.0.33992 allows a low-privileged remote unauthenticated attacker to manipulate process data with potential impact on integrity and/or availability...

8.1CVSS0.00349EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/22 9:4 a.m.32 views

CVE-2023-45796 XSS vulnerability in Pilz PASvisu and PMI v8xx

A stored cross-site scripting vulnerability in the Runtime component of Pilz PASvisu before 1.14.1 and PMI v8xx up to and including 2.0.33992 allows a low-privileged remote unauthenticated attacker to manipulate process data with potential impact on integrity and/or availability...

8.1CVSS0.00349EPSS
Exploits0References1
CVE
CVE
added 2026/06/22 9:4 a.m.14 views

CVE-2023-45796

The CVE-2023-45796 applies to Pilz PASvisu Runtime (before 1.14.1) and PMI v8xx (up to 2.0.33992). It is a stored XSS that allows a low-privileged, remote, unauthenticated attacker to manipulate process data, affecting integrity and availability. CVSSv3.1: 8.1 (HIGH); AV:N, AC:L, PR:L, UI:N, S:U,...

8.1CVSS5.7AI score0.00349EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/22 9:4 a.m.12 views

EUVD-2023-60593

A stored cross-site scripting vulnerability in the Runtime component of Pilz PASvisu before 1.14.1 and PMI v8xx up to and including 2.0.33992 allows a low-privileged remote unauthenticated attacker to manipulate process data with potential impact on integrity and/or availability...

8.1CVSS5.7AI score0.00349EPSS
Exploits0References1
CVE
CVE
added 2026/06/12 9:48 p.m.16 views

CVE-2026-41155

The CVE-2026-41155 entry describes a vulnerability in GPU DDK where shared secure memory allocations are mapped into all GPU virtual address spaces, enabling cooperative data transfer between secure GPU processes and potential disruption of others, causing image corruption or GPU hardware recover...

5.5CVSS5.4AI score0.00106EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/06/04 2:34 p.m.11 views

CVE-2026-40930

LIBPNG is a reference library for use in applications that process PNG Portable Network Graphics raster image files. In version 1.8.0, three inter-frame chunk discard paths in the push-mode APNG parser clear the chunk-header flag without consuming the chunk body and CRC, allowing...

5.4CVSS5.8AI score0.00202EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/12/18 12:0 a.m.10 views

EulerOS Virtualization 2.13.0 : systemd (EulerOS-SA-2025-2601)

According to the versions of the systemd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a...

4.7CVSS5.9AI score0.0066EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-16486

Malicious code in bioql PyPI...

4.7CVSS5.2AI score0.0066EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-23243

Malicious code in bioql PyPI...

3.3CVSS6.4AI score0.00181EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-5858

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00151EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/09/17 2:56 p.m.4 views

CVE-2022-50354 drm/amdkfd: Fix kfd_process_device_init_vm error handling

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix kfdprocessdeviceinitvm error handling Should only destroy the ibmem and let process cleanup worker to free the outstanding BOs. Reset the pointer in pdd-qpd structure, to avoid NULL pointer access in process destr...

6.1AI score0.00187EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2025/05/16 12:0 a.m.8 views

Privacy and Confidentiality Requirements Engineering for Process Data

The application and development of process mining techniques face significant challenges due to the lack of publicly available real-life event logs. One reason for companies to abstain from sharing their data are privacy and confidentiality concerns. Privacy concerns refer to personal data as...

6.9AI score
Exploits0
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: xfs: added bounds checking to xlogrecoverprocessdata There is a lack of verification of the space occupied by fixed members of xlogopheader in xlogrecoverprocessdata. We can create a crafted image to trigger an out-of-bounds read...

7.1CVSS6.3AI score0.00224EPSS
Exploits0References3
OSV
OSV
added 2024/12/27 3:15 p.m.3 views

UBUNTU-CVE-2024-56666

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Dereference null return value In the function pqmuninit there is a call-assignment of "pdd = kfdgetprocessdevicedata" which could be null, and this value was later dereferenced without checking...

5.5CVSS6.5AI score0.0018EPSS
Exploits0References5
CNVD
CNVD
added 2024/09/12 12:0 a.m.6 views

Siemens SIMATIC SCADA and PCS 7 systems Remote Code Execution Vulnerability

SIMATIC Information Server is used to report and visualize process data stored in SIMATIC process Historian, the SIMATIC PCS 7, SIMATIC WinCC, and SIMATIC PCS-neo long-term archiving system. It stores process values, alarms, and batch data from the production plant in its database and provides...

9.4CVSS8.2AI score0.0061EPSS
Exploits0References1
OSV
OSV
added 2023/10/12 4:15 p.m.4 views

CVE-2023-22308

An integer underflow vulnerability exists in the vpnserver OvsProcessData functionality of SoftEther VPN 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability...

7.5CVSS7.1AI score0.00728EPSS
Exploits1References2
Rows per page
Query Builder