Lucene search
K

61 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-10376

Malware in sbrugna...

6.1CVSS6.3AI score0.00897EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2011-5057

Malware in sbrugna...

6.9CVSS6.4AI score0.00405EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-37078

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.0509EPSS
Exploits4References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-8838

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.0044EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/21 5:20 p.m.3 views

CVE-2025-57768 Stored XSS in “hours” fields when creating or editing an issue, using SQLite database

Phproject is a high performance full-featured project management system. From 1.8.0 to before 1.8.3, a Stored Cross-Site Scripting XSS vulnerability exists in the Planned Hours field when creating a new project. When sending a POST request to /issues/new/, the value provided in the Planned Hours...

6.9CVSS5.6AI score0.00377EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:24 p.m.6 views

CVE-2021-25071

The WordPress plugin through 2.0.1 does not sanitise and escape the translation parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...

6.1CVSS6.5AI score0.00788EPSS
Exploits2References1
NVD
NVD
added 2025/05/14 2:15 p.m.12 views

CVE-2025-3600

In Progress® Telerik® UI for AJAX, versions 2011.2.712 to 2025.1.218, an unsafe reflection vulnerability exists that may lead to an unhandled exception resulting in a crash of the hosting process and denial of service...

7.5CVSS0.19057EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/14 12:0 a.m.6 views

PT-2025-21164

Name of the Vulnerable Software and Affected Versions Progress Telerik UI for AJAX versions 2011.2.712 through 2025.1.218 Description An unsafe reflection issue exists in Progress Telerik UI for AJAX. This flaw can lead to an unhandled exception, potentially causing a crash of the hosting process...

7.8CVSS9.3AI score0.19057EPSS
Exploits0References29
RedhatCVE
RedhatCVE
added 2025/04/02 4:37 p.m.14 views

CVE-2025-2794

An unsafe reflection vulnerability in Kentico Xperience allows an unauthenticated attacker to kill the current process, leading to a Denial-of-Service condition. This issue affects Xperience: through 13.0.180...

8.7CVSS7.2AI score0.0044EPSS
Exploits0References1
CVE
CVE
added 2025/03/31 4:22 p.m.69 views

CVE-2025-2794

CVE-2025-2794 describes an unsafe reflection vulnerability in Kentico Xperience (affecting Xperience up to and including version 13.0.180). An unauthenticated attacker can trigger the vulnerability to terminate the current process, resulting in a Denial-of-Service condition. The issue is rooted i...

8.7CVSS7.5AI score0.0044EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/06 12:6 a.m.10 views

CVE-2022-47153

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPJobBoard Jobeleon Theme allows Reflected XSS.This issue affects Jobeleon Theme: from n/a through 1.9.1...

7.1CVSS8.6AI score0.00372EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 11:2 p.m.13 views

CVE-2024-0200

An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead to reflection injection. This vulnerability could lead to the execution of user-controlled methods and remote code execution. To exploit this bug, an actor would need to be logged into an account on the...

9.8CVSS7.9AI score0.71725EPSS
Exploits1References1
OSV
OSV
added 2024/01/16 7:15 p.m.4 views

CVE-2024-0200

An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead to reflection injection. This vulnerability could lead to the execution of user-controlled methods and remote code execution. To exploit this bug, an actor would need to be logged into an account on the...

9.8CVSS6.1AI score0.71725EPSS
Exploits1References4
Prion
Prion
added 2024/01/16 7:15 p.m.23 views

Design/Logic Flaw

An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead to reflection injection. This vulnerability could lead to the execution of user-controlled methods and remote code execution. To exploit this bug, an actor would need to be logged into an account on the...

7.5CVSS8.3AI score0.71725EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2024/01/16 6:50 p.m.28 views

CVE-2024-0200 Unsafe Reflection in Github Enterprise Server leading to Command Injection

An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead to reflection injection. This vulnerability could lead to the execution of user-controlled methods and remote code execution. To exploit this bug, an actor would need to be logged into an account on the...

7.2CVSS10AI score0.71725EPSS
Exploits1References4
CVE
CVE
added 2024/01/16 6:50 p.m.78 views

CVE-2024-0200

CVE-2024-0200 (GitHub Enterprise Server) is an unsafe reflection vulnerability that can enable remote code execution. Authenticated attackers with an organization owner role can exploit it to run user-controlled methods, compromising the GHES instance. Affected versions are all prior to 3.12; fix...

9.8CVSS8AI score0.71725EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2023/12/26 12:0 a.m.7 views

PT-2023-8397 · Github · Github Enterprise Server

Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.8.13 GitHub Enterprise Server versions prior to 3.9.8 GitHub Enterprise Server versions prior to 3.10.5 GitHub Enterprise Server versions prior to 3.11.3 GitHub Enterprise Server versions prior to...

9.8CVSS8.1AI score0.71725EPSS
Exploits1References42
Vulnrichment
Vulnrichment
added 2023/05/31 12:0 a.m.9 views

CVE-2023-32217 SailPoint IdentityIQ Unsafe use of Reflection Vulnerability

IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p3, IdentityIQ 8.2 and all 8.2 patch levels prior to 8.2p6, IdentityIQ 8.1 and all 8.1 patch levels prior to 8.1p7, IdentityIQ 8.0 and all 8.0 patch levels prior to 8.0p6 allow an authenticated user to invoke a Java constructor with no arguments...

9CVSS8.1AI score0.00628EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2022/08/01 12:2 p.m.5 views

Mozilla: Directory indexes for bundled resources reflected URL parameters

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of when visiting directory listings for chrome:// URLs as source text, some parameters were reflected...

5.3CVSS7.2AI score0.00493EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2021/10/05 12:0 a.m.18 views

Rails Unsafe Reflection

Ruby On Rails is a popular framework used to build web applications based on the Model-View-Controller MVC architectural pattern. Ruby On Rails provides a method called constantize which allows developers to dynamically find a constant by using a string. The most common usage of this method is to...

8.1AI score
Exploits0References3
Rows per page
Query Builder