Lucene search
+L

1452 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-12044

Malicious code in bioql PyPI...

7.1CVSS7.7AI score0.00139EPSS
Exploits0References2
NVD
NVD
added 2025/09/05 10:15 p.m.11 views

CVE-2025-58366

Onyxia is a data science environment for kubernetes. In versions 4.6.0 through 4.8.0, Onyxia-API leaked the credentials of private helm repositories in the public unauthenticated /public/catalogs endpoint.vOnly instances using private helm repositories i.e setting username & password in the...

9.4CVSS0.00328EPSS
Exploits0References3
NVD
NVD
added 2025/09/05 3:15 p.m.6 views

CVE-2025-58780

index.em7 in ScienceLogic SL1 before 12.1.1 allows SQL Injection via a parameter in a request. NOTE: this is disputed by the Supplier because it "inaccurately describes the vulnerability."...

7.2CVSS0.00214EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/09/05 12:0 a.m.11 views

CVE-2025-58780

index.em7 in ScienceLogic SL1 before 12.1.1 allows SQL Injection via a parameter in a request. NOTE: this is disputed by the Supplier because it "inaccurately describes the vulnerability."...

7.2CVSS0.00214EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2025/08/27 12:0 a.m.5 views

Zeek 8.0.1

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek ha...

7.5AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-15147 Malicious code in avail-able-albu-m-down-load-38244-here-comes-science-ezvvi-tqkldb (npm)

The package avail-able-albu-m-down-load-38244-here-comes-science-ezvvi-tqkldb was found to contain malicious code...

7.2AI score
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2025/07/24 12:0 a.m.6 views

A Bootiful Podcast: José Paumard, Java developer advocate and professor

Hi, Spring fans! In this installment, recorded at Devoxx UK 2025, I talk to the legendary professor of computer science and legend José Paumard about Java, the ecosystem, and more,...

7.2AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/07/07 11:20 a.m.5 views

Hiding Prompt Injections in Academic Papers

Academic papers were found to contain hidden instructions to LLMs: It discovered such prompts in 17 articles, whose lead authors are affiliated with 14 institutions including Japan's Waseda University, South Korea's KAIST, China's Peking University and the National University of Singapore, as wel...

7.5AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/05/30 11:5 a.m.7 views

Why Take9 Won’t Improve Cybersecurity

There's a new cybersecurity awareness campaign: Take9. The idea is that people--you, me, everyone--should just pause for nine seconds and think more about the link they are planning to click on, the file they are planning to download, or whatever it is they are planning to share. There's a...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/26 12:0 a.m.8 views

Engineering Trustworthy Machine-Learning Operations with Zero-Knowledge Proofs

As Artificial Intelligence AI systems, particularly those based on machine learning ML, become integral to high-stakes applications, their probabilistic and opaque nature poses significant challenges to traditional verification and validation methods. These challenges are exacerbated in regulated...

6.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 6:27 a.m.10 views

CVE-2024-52353

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Gabriel Serafini Christian Science Bible Lesson Subjects christian-science-bible-lesson-subjects allows DOM-Based XSS.This issue affects Christian Science Bible Lesson Subjects: from n/a through =...

6.5CVSS7.2AI score0.00248EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:10 p.m.17 views

CVE-2021-2138

Vulnerability in the Oracle Cloud Infrastructure Data Science Notebook Sessions. Easily exploitable vulnerability allows low privileged attacker with access to the physical communication segment attached to the hardware where the Oracle Cloud Infrastructure Data Science Notebook Sessions executes...

4.6CVSS5.5AI score0.00441EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:55 a.m.10 views

CVE-2018-15665

An issue was discovered in Cloudera Data Science Workbench CDSW 1.2.x through 1.4.0. Unauthenticated users can get a list of user accounts...

5.3CVSS6.9AI score0.01195EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:9 a.m.9 views

CVE-2018-11215

Remote code execution is possible in Cloudera Data Science Workbench version 1.3.0 and prior releases via unspecified attack vectors...

9.8CVSS7.8AI score0.02399EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:8 a.m.12 views

CVE-2018-20090

An issue was discovered in Cloudera Data Science Workbench CDSW 1.4.0 through 1.4.2. Authenticated users can bypass project permission checks and gain read-write access to any project folder...

8.3CVSS7.1AI score0.00832EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:58 a.m.10 views

CVE-2018-20091

An SQL injection vulnerability was found in Cloudera Data Science Workbench CDSW 1.4.0 through 1.4.2. This would allow any authenticated user to run arbitrary queries against CDSW's internal database. The database contains user contact information, encrypted CDSW passwords in the case of local...

9.9CVSS7.5AI score0.01009EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 9:17 p.m.7 views

CVE-2004-2207

Cross-site scripting XSS vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

4.3CVSS5.8AI score0.01164EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/05/12 12:0 a.m.7 views

Zeek 7.0.7

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek ha...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/04/26 5:15 p.m.20 views

CVE-2025-46465

Cross-Site Request Forgery CSRF vulnerability in John Weissberg Print Science Designer print-science-designer allows Stored XSS.This issue affects Print Science Designer: from n/a through = 1.3.155...

7.1CVSS7.2AI score0.00139EPSS
Exploits0References1
NVD
NVD
added 2025/04/24 4:15 p.m.16 views

CVE-2025-46465

Cross-Site Request Forgery CSRF vulnerability in John Weissberg Print Science Designer print-science-designer allows Stored XSS.This issue affects Print Science Designer: from n/a through = 1.3.155...

7.1CVSS0.00139EPSS
Exploits0References1
Rows per page
Query Builder