Lucene search
+L

213 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2024-54905

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00545EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 5:23 p.m.6 views

EUVD-2025-32311

Cursor is a code editor built for programming with AI. In versions 1.7 and below, automatic loading of project-specific CLI configuration from the current working directory /.cursor/cli.json could override certain global configurations in Cursor CLI. This allowed users running the CLI inside a...

8.8CVSS7.3AI score0.00421EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/03 12:0 a.m.8 views

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices versions prior to SMR Sep-2025 Release 1, which stems from improper privilege management and...

5.5CVSS6.3AI score0.001EPSS
Exploits0References1
CVE
CVE
added 2025/08/27 4:47 p.m.32 views

CVE-2025-34161

CVE-2025-34161 affects Coolify versions prior to v4.0.0-beta.420.7. A remote code execution flaw exists in the project deployment workflow: authenticated users with low privileges can inject arbitrary shell commands through the Git Repository field during project creation, leading to arbitrary co...

9.4CVSS8.2AI score0.03691EPSS
Exploits3References3Affected Software1
Positive Technologies
Positive Technologies
added 2025/08/15 12:0 a.m.8 views

PT-2025-33493 · Plane · Plane

Name of the Vulnerable Software and Affected Versions: Plane versions prior to 0.28.0 Description: Plane is open-source project management software. A stored cross-site scripting XSS vulnerability exists in the description html field. This flaw allows an attacker to inject malicious JavaScript co...

5.4CVSS5.2AI score0.00207EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2025/08/12 11:35 p.m.3 views

SUSE CVE-2025-8341

Grafana is an open-source platform for monitoring and observability. The Infinity datasource plugin, maintained by Grafana Labs, allows visualizing data from JSON, CSV, XML, GraphQL, and HTML endpoints. If the plugin was configured to allow only certain URLs, an attacker could bypass this...

5CVSS6.7AI score0.0029EPSS
Exploits0References3
Microsoft Security Update
Microsoft Security Update
added 2025/08/12 5:0 p.m.10 views

Azure File Sync Agent v19.2 Release – August 2025 (KB5040925)

Security Update for Azure File Sync agent version 19.2.0.0. For more details, see the associated Microsoft Knowledge Base article...

7.3AI score
Exploits0
Microsoft KB
Microsoft KB
added 2025/08/12 7:0 a.m.13 views

Description of the security update for SharePoint Server 2019: August 12, 2025 (KB5002769)

None None...

8.8CVSS6.8AI score0.1831EPSS
Exploits0
Amazon
Amazon
added 2025/08/08 12:0 a.m.4 views

Low: kernel6.12

Issue Overview: No CVE associated with this advisory Affected Packages: kernel6.12 Issue Correction: Run dnf update kernel6.12 --releasever 2023.8.20250808 or dnf update --advisory ALAS2023-2025-1129 --releasever 2023.8.20250808 to update your system. More information on how to update your system...

5.5CVSS6.8AI score0.00478EPSS
Exploits0
Amazon
Amazon
added 2025/08/08 12:0 a.m.6 views

Low: kernel

Issue Overview: No CVE associated with this advisory Affected Packages: kernel Issue Correction: Run dnf update kernel --releasever 2023.8.20250808 or dnf update --advisory ALAS2023-2025-1128 --releasever 2023.8.20250808 to update your system. More information on how to update your system can be...

5.5CVSS6.7AI score0.00478EPSS
Exploits0
OpenVAS
OpenVAS
added 2025/08/08 12:0 a.m.5 views

Fedora: Security Advisory (FEDORA-2025-113fc513c3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References3
OpenVAS
OpenVAS
added 2025/06/04 12:0 a.m.7 views

SUSE: Security Advisory (SUSE-SU-2025:01802-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS7.1AI score0.00916EPSS
Exploits0References11
OpenVAS
OpenVAS
added 2025/05/26 12:0 a.m.5 views

Fedora: Security Advisory (FEDORA-2024-cd5c1dfa94)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.2AI score0.01029EPSS
Exploits3References5
OpenVAS
OpenVAS
added 2025/05/26 12:0 a.m.8 views

Fedora: Security Advisory (FEDORA-2025-97351a4c2a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9AI score0.00657EPSS
Exploits2References2
RedhatCVE
RedhatCVE
added 2025/05/23 10:29 a.m.10 views

CVE-2024-43801

Jellyfin is an open source self hosted media server. The Jellyfin user profile image upload accepts SVG files, allowing for a stored XSS attack against an admin user via a specially crafted malicious SVG file. When viewed by an admin outside of the Jellyfin Web UI e.g. via "view image" in a...

5.4CVSS5.2AI score0.00346EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:35 a.m.7 views

CVE-2023-41057

hyper-bump-it is a command line tool for updating the version in project files.hyper-bump-it reads a file glob pattern from the configuration file. That is combined with the project root directory to construct a full glob pattern that is used to find files that should be edited. These matched fil...

5.5CVSS6.8AI score0.00336EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 3:43 a.m.13 views

CVE-2023-30669

Out-of-bounds Write in DoOemFactorySendFactoryTestResult of libsec-ril prior to SMR Jul-2023 Release 1 allows local attacker to execute arbitrary code...

7.8CVSS7.3AI score0.0019EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:38 a.m.19 views

CVE-2019-19610

An issue was discovered in Halvotec RaQuest 10.23.10801.0. It allows session fixation. Fixed in Release 24.2020.20608.0...

5.8CVSS7AI score0.00873EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2025/05/19 12:0 a.m.9 views

Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2025-1468)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS5.7AI score0.00801EPSS
Exploits0References2
OSV
OSV
added 2025/05/15 8:15 p.m.6 views

CVE-2024-8031

The Secure Downloads WordPress plugin before 1.2.3 is vulnerable does not properly restrict which files can be downloaded. This makes it possible for authenticated attackers, with admin-level access and above, to download arbitrary files that may contain sensitive information like wp-config.php...

6.5CVSS5.8AI score0.00423EPSS
Exploits1References1
Rows per page
Query Builder