Lucene search
K

565 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.4 views

Malicious code in fb-deku-rm (npm)

The package fb-deku-rm was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.4 views

Malicious code in fca-d-rm (npm)

The package fca-d-rm was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-20266 Malicious code in fb-deku-rm (npm)

The package fb-deku-rm was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/05/28 5:52 a.m.5 views

Malicious code in rm-api-services (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ea2d07f3cf2fca9f2d9c28bb289065312eb770f303ac487e0ffe75bba11604a2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
OSV
OSV
added 2025/05/28 5:52 a.m.2 views

MAL-2025-4533 Malicious code in rm-api-services (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ea2d07f3cf2fca9f2d9c28bb289065312eb770f303ac487e0ffe75bba11604a2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 5:56 a.m.9 views

CVE-2023-4709

A vulnerability classified as problematic has been found in TOTVS RM 12.1. Affected is an unknown function of the file Login.aspx of the component Portal. The manipulation of the argument VIEWSTATE leads to cross site scripting. It is possible to launch the attack remotely. The complexity of an...

6.1CVSS6.1AI score0.00336EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:3 a.m.7 views

CVE-2023-46914

SQL Injection vulnerability in RM bookingcalendar module for PrestaShop versions 2.7.9 and before, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via icsexport.php...

9.8CVSS8.6AI score0.00801EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 6:53 p.m.8 views

CVE-2021-44837

An issue was discovered in Delta RM 1.2. It is possible for an unprivileged user to access the same information as an admin user regarding the risk creation information in the /risque/administration/referentiel/json/create/categorie endpoint, using the idcat1 query parameter to indicate the risk...

4.3CVSS6.7AI score0.00808EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 6:53 p.m.9 views

CVE-2021-44839

An issue was discovered in Delta RM 1.2. It is possible to request a new password for any other account using the account ID. Using the /listes/DTsendmaildata/admutilisateur/send-mail.json endpoint, a user can send a JSON array with user IDs that will have their passwords reset and new ones sent ...

6.5CVSS7.1AI score0.00577EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 6:53 p.m.6 views

CVE-2021-44838

An issue was discovered in Delta RM 1.2. Using the /risque/risque/ajax-details endpoint, with a POST request indicating the risk to access with the id parameter, it is possible for users to access risks of other companies...

5CVSS6.8AI score0.0092EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 6:10 p.m.8 views

CVE-2021-44836

An issue was discovered in Delta RM 1.2. The /risque/risque/workflow/reset endpoint is lacking access controls, and it is possible for an unprivileged user to reopen a risk with a POST request, using the risqueID parameter to identify the risk to be re-opened...

4.3CVSS6.8AI score0.00581EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 8:20 a.m.6 views

CVE-2019-15854

An issue was discovered in Maarch RM before 2.5. A privilege escalation vulnerability allows an authenticated user with lowest privileges to give herself highest administration privileges via a crafted PUT request to an unauthorized resource...

8.8CVSS6.9AI score0.01283EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:33 a.m.5 views

CVE-2014-9448

Buffer overflow in Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 allows remote attackers to execute arbitrary code or cause a denial of service crash via a long string in a WAX file...

7.5CVSS8.4AI score0.06305EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:38 a.m.6 views

CVE-2019-15855

An issue was discovered in Maarch RM before 2.5. A path traversal vulnerability allows an unauthenticated remote attacker to overwrite any files with a crafted POST request if the default installation procedure was followed. This results in a permanent Denial of Service...

9.1CVSS7AI score0.01508EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2025/05/15 4:21 p.m.4 views

rm-gallery (>=0.1.0 <=0.1.2) potentially affected by CVE-2025-47783 via label-studio (=1.17.0)

label-studio PYPI version =1.17.0 is affected by a known vulnerability. The following packages have a transitive dependency on label-studio and may be impacted: - rm-gallery =0.1.0, =0.1.2 Source cves: CVE-2025-47783 Source advisory: SNYK:PYTHON-LABELSTUDIO-10182217...

7.6CVSS5.8AI score0.0054EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/05/15 4:21 p.m.6 views

rm-gallery (>=0.1.0 <=0.1.2) potentially affected by CVE-2025-47783 via label-studio (=1.17.0)

label-studio PYPI version =1.17.0 is affected by a known vulnerability. The following packages have a transitive dependency on label-studio and may be impacted: - rm-gallery =0.1.0, =0.1.2 Source cves: CVE-2025-47783 Source advisory: OSV:GHSA-8JHR-WPCM-HH4H...

7.6CVSS5.8AI score0.0054EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/05/14 11:15 p.m.6 views

rm-gallery (>=0.1.0 <=0.1.2) potentially affected by CVE-2025-47783 via label-studio (=1.17.0)

label-studio PYPI version =1.17.0 is affected by a known vulnerability. The following packages have a transitive dependency on label-studio and may be impacted: - rm-gallery =0.1.0, =0.1.2 Source cves: CVE-2025-47783 Source advisory: OSV:PYSEC-2025-124...

7.6CVSS5.8AI score0.0054EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2025/05/13 8:28 a.m.4 views

kernel: mptcp: pm: only decrement add_addr_accepted for MPJ req

In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: only decrement addaddraccepted for MPJ req Adding the following warning ... WARNONONCEmsk-pm.addaddraccepted == 0 ... before decrementing the addaddraccepted counter helped to find a bug when running the "remove single...

5.5CVSS6.5AI score0.00221EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2025/03/20 9:30 a.m.6 views

io.xuxiaowei.seata:seata-server (>=2.1.0 <=2.2.0), org.apache.seata:seata-compressor-all (>=2.1.0 <=2.2.0) +5 more potentially affected by CVE-2024-54016 via org.apache.seata:seata-compressor-zstd (>=2.1.0 <=2.2.0)

org.apache.seata:seata-compressor-zstd MAVEN version =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.2.0 Source cves: CVE-2024-54016 Source advisory: SNYK:JAVA-ORGAPACHESEATA-9521513...

4.3CVSS5.8AI score0.00567EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/03/20 9:30 a.m.6 views

com.weicoder:seata (>=3.5.1 <=3.6.2), io.seata:seata-compressor-all (>=1.5.0 <=2.0.0) +7 more potentially affected by CVE-2024-54016 via io.seata:seata-compressor-zstd (>=1.5.0 <=2.0.0)

io.seata:seata-compressor-zstd MAVEN version =1.5.0, =3.5.1, =1.5.0, =1.5.0, =1.8.0, =1.5.0, =1.7.0, =1.8.0, =2.0.0 Source cves: CVE-2024-54016 Source advisory: SNYK:JAVA-IOSEATA-9521514...

4.3CVSS5.8AI score0.00567EPSS
Exploits0
Rows per page
Query Builder