Lucene search
K

73 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-18374

Malware in sbrugna...

7.5CVSS6.7AI score0.00484EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-42861

Malicious code in bioql PyPI...

6.8CVSS6.5AI score0.00323EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-43459

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.01135EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-19506

Malicious code in bioql PyPI...

8.8CVSS6.5AI score0.00353EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-35242

Malicious code in bioql PyPI...

6.8CVSS6.8AI score0.00216EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-3979

Malicious code in bioql PyPI...

8.2CVSS6.5AI score0.00132EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/09/09 12:0 a.m.4 views

IBM Jazz for Service Management 安全漏洞

IBM Jazz for Service Management is an integrated service management product from International Business Machines IBM that provides visibility into the service management environment. A security vulnerability exists in IBM Jazz for Service Management versions 1.1.3.0 through 1.1.3.24, which stems...

4.3CVSS6.5AI score0.00165EPSS
Exploits0References2
OSV
OSV
added 2025/06/30 2:15 a.m.6 views

CVE-2025-46014

Several services in Honor Device Co., Ltd Honor PC Manager v16.0.0.118 was discovered to connect services to the named pipe iMateBookAssistant with default or overly permissive security attributes, leading to a privilege escalation...

8.8CVSS5.8AI score0.00353EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2025/06/30 12:0 a.m.5 views

PT-2025-27396 · Honor · Honor Pc Manager

Name of the Vulnerable Software and Affected Versions: Honor PC Manager version 16.0.0.118 Description: A privilege escalation issue was discovered in Honor PC Manager, where several services connect to the named pipe iMateBookAssistant with default or overly permissive security attributes...

8.8CVSS6.5AI score0.00353EPSS
Exploits2References7
RedhatCVE
RedhatCVE
added 2025/05/23 8:49 a.m.8 views

CVE-2024-35211

A vulnerability has been identified in SINEC Traffic Analyzer 6GK8822-1BG01-0BA0 All versions V1.2. The affected web server, after a successful login, sets the session cookie on the browser, without applying any security attributes such as “Secure”, “HttpOnly”, or “SameSite”...

6.8CVSS6.9AI score0.00216EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:6 p.m.9 views

CVE-2020-13770

Several services are accessing named pipes in Ivanti Endpoint Manager through 2020.1.1 with default or overly permissive security attributes; as these services run as user ‘NT AUTHORITY\SYSTEM’, the issue can be used to escalate privileges from a local standard or service account having...

7.8CVSS7.1AI score0.0046EPSS
Exploits0
Veracode
Veracode
added 2025/04/07 7:17 a.m.7 views

Missing Encryption Of Sensitive Data

org.opendaylight.sfc, odl-sfc-openflow-renderer is vulnerable to Missing Encryption of Sensitive Data. The vulnerability is due to missing security attributes or transmission over unencrypted channels, allowing Man-in-the-Middle attacks to access sensitive information...

8.1CVSS7AI score0.00204EPSS
Exploits0References3Affected Software2
CNNVD
CNNVD
added 2025/03/26 12:0 a.m.4 views

HCL SX 安全漏洞

HCL SX is an application from HCL India. A security vulnerability exists in HCL SX that stems from not setting security attributes on authorization tokens or session cookies, which could lead to cross-site request forgery attacks...

5.5CVSS6.7AI score0.00205EPSS
Exploits0References1
OSV
OSV
added 2025/02/11 3:20 p.m.8 views

CVE-2025-24897 Misskey CSRF vulnerability due to insecure configuration of authentication cookie attributes

Misskey is an open source, federated social media platform. Starting in version 12.109.0 and prior to version 2025.2.0-alpha.0, due to a lack of CSRF protection and the lack of proper security attributes in the authentication cookies of Bull's dashboard, some of the APIs of bull-board may be...

8.2CVSS7AI score0.00132EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/31 8:27 p.m.11 views

Security Bulletin: IBM i is vulnerable to an authenticated user gaining elevated privilege to a physical file [CVE-2024-47104].

Summary IBM i is vulnerable to an authenticated user gaining elevated privilege to a physical file by altering based-on file attributes as described in the vulnerability details section. This bulletin identifies the steps to take to address the vulnerability as described in the remediation/fixes...

6.8CVSS6.5AI score0.00323EPSS
Exploits0Affected Software3
OSV
OSV
added 2024/12/18 11:15 a.m.4 views

CVE-2024-47104

IBM i 7.4 and 7.5 is vulnerable to an authenticated user gaining elevated privilege to a physical file. A user with authority to a view can alter the based-on physical file security attributes without having object management rights to the physical file. A malicious actor can use the elevated...

6.8CVSS5.8AI score0.00323EPSS
Exploits0References1
CVE
CVE
added 2024/12/18 10:53 a.m.58 views

CVE-2024-47104

CVE-2024-47104 affects IBM i 7.4 and 7.5. An authenticated user with view authority can elevate privileges by altering the based-on physical file security attributes without object management rights, enabling actions restricted by their view privileges. IBM reports remediation via PTFs: 7.5 SF999...

6.8CVSS6.5AI score0.00323EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/12/18 12:0 a.m.7 views

PT-2024-32410 · Ibm · Ibm I

Name of the Vulnerable Software and Affected Versions: IBM i versions 7.4 and 7.5 Description: The issue allows an authenticated user to gain elevated privilege to a physical file. A user with authority to a view can alter the based-on physical file security attributes without having object...

6.8CVSS6.2AI score0.00323EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/07/10 12:0 a.m.7 views

IBM Security QRadar Security Vulnerabilities

IBM Security QRadar is a modernized threat detection and response solution from International Business Machines IBM, Inc. designed to unify and integrate the security analyst experience and improve their response speed throughout the incident lifecycle. A security vulnerability exists in IBM...

5.3CVSS6.6AI score0.0024EPSS
Exploits0References4
NVD
NVD
added 2024/06/11 12:15 p.m.21 views

CVE-2024-35211

A vulnerability has been identified in SINEC Traffic Analyzer 6GK8822-1BG01-0BA0 All versions V1.2. The affected web server, after a successful login, sets the session cookie on the browser, without applying any security attributes such as “Secure”, “HttpOnly”, or “SameSite”...

6.8CVSS0.00216EPSS
Exploits0References1
Rows per page
Query Builder