Lucene search
+L

362 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-24901

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00513EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-39556

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.0029EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-33991

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00228EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2024-22396

Malicious code in bioql PyPI...

8.8CVSS8.2AI score0.00377EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/09 6:56 p.m.17 views

CVE-2025-55050

CWE-1242: Inclusion of Undocumented Features...

9.8CVSS0.00319EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/08/29 12:0 a.m.7 views

JVN#50585992: Multiple vulnerabilities in multiple iND products

Multiple products provided by iND Co.,Ltd contain multiple vulnerabilities listed below. Insecure storage of sensitive information CWE-922 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N Base Score 7.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Base Score 6.5 CVE-2025-53507 OS...

8.6CVSS7.2AI score0.01293EPSS
Exploits0
Cvelist
Cvelist
added 2025/08/05 11:36 p.m.11 views

CVE-2025-54883 Vision UI's security-kit Contains Cryptographic Weakness

Vision UI is a collection of enterprise-grade, dependency-free modules for modern web projects. In versions 1.4.0 and below, the getSecureRandomInt function in security-kit versions prior to 3.5.0 packaged in Vision-ui = 1.4.0 contains a critical cryptographic weakness. Due to a silent 32-bit...

9.3CVSS0.00371EPSS
Exploits0References2
Hacker One
Hacker One
added 2025/07/10 6:24 p.m.22 views

curl: Default Minimum TLS Version Set to TLS v1.0 (Cryptographic Weakness)

Summary: Curl sets TLS v1.0 as the default minimum version, which is outdated and vulnerable to attacks like BEAST, posing a risk to data integrity and confidentiality. This was found through manual code review. No AI was used in identifying the issue or generating this report. Affected Version:...

6.8AI score
Exploits0
OSV
OSV
added 2025/07/08 7:15 p.m.5 views

CVE-2024-49783

IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of encrypted data. If an authenticated remote attacker with access to the database or a local attacker with access to server files could extract the encrypted data, they could exploit this vulnerability t...

6.5CVSS5.9AI score0.00265EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/08 6:36 p.m.6 views

CVE-2024-49783 IBM OpenPages with Watson information disclosure

IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of encrypted data. If an authenticated remote attacker with access to the database or a local attacker with access to server files could extract the encrypted data, they could exploit this vulnerability t...

5.3CVSS6.2AI score0.00265EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/07/03 12:0 a.m.12 views

The vulnerability of the cet.c component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the cet.c component in the Linux operating system’s kernel is related to the lack of data security mechanisms. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.5AI score0.00221EPSS
Exploits0References9Affected Software3
The Hacker News
The Hacker News
added 2025/06/25 4:56 p.m.16 views

nOAuth Vulnerability Still Affects 9% of Microsoft Entra SaaS Apps Two Years After Discovery

New research has uncovered continued risk from a known security weakness in Microsoft's Entra ID, potentially enabling malicious actors to achieve account takeovers in susceptible software-as-a-service SaaS applications. Identity security company Semperis, in an analysis of 104 SaaS applications,...

7.5AI score
Exploits0
Vulnrichment
Vulnrichment
added 2025/06/04 7:23 a.m.13 views

CVE-2025-47725 Out-of-bounds Write in CNCSoft

Delta Electronics CNCSoft lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process...

7.3CVSS7.2AI score0.00214EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:57 a.m.5 views

CVE-2023-31759

Weak Security in the 433MHz keyfob of Kerui W18 Alarm System v1.0 allows attackers to gain full access via a code replay attack...

7.5CVSS7.2AI score0.00286EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:19 a.m.10 views

CVE-2023-38738

IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in a OpenPages environment using Native authentication. If OpenPages is using Native authentication an attacker with access to the OpenPages database could through a series of specially crafted steps could exploit...

8.1CVSS6.8AI score0.00528EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:44 a.m.9 views

CVE-2023-43018

IBM CICS TX Standard 11.1 and Advanced 10.1, 11.1 performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. IBM X-Force ID: 266163...

7.5CVSS6.5AI score0.00448EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/05/23 12:0 a.m.10 views

The vulnerability of the /adv_arpspoofing.php file, a component of the ARP Spoofing Prevention software for D-Link DAP-2695 wireless access points, allows attackers to execute cross-site scripting attacks.

The vulnerability of the /advarpspoofing.php file, a component of the ARP Spoofing Prevention software for D-Link DAP-2695 wireless access points, is related to the lack of security measures for the website structure. Exploiting this vulnerability allows a remote attacker to perform cross-site...

4CVSS5.2AI score0.00572EPSS
Exploits1References6Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 11:0 p.m.9 views

CVE-2022-33097

74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/campus/campusjob...

7.5CVSS8.3AI score0.00923EPSS
Exploits1References1
CVE
CVE
added 2025/05/22 9:59 a.m.63 views

CVE-2025-4280

Poedit on macOS is affected by CVE-2025-4280 due to a bundled Python interpreter inheriting the app’s TCC permissions. A local attacker can invoke the interpreter to run arbitrary commands using those granted permissions to access files in privacy-protected folders without user prompts, potential...

4.8CVSS6.7AI score0.00148EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/22 8:11 a.m.6 views

CVE-2019-15496

MyT Project Management 1.5.1 lacks CSRF protection and, for example, allows a user/create CSRF attack. This could lead to an attacker tricking the administrator into executing arbitrary code via a specially crafted HTML page...

8.8CVSS7.2AI score0.00614EPSS
Exploits1References1
Rows per page
Query Builder