Lucene search
K

794 matches found

EUVD
EUVD
added 2025/11/12 6:9 p.m.5 views

EUVD-2025-144549

Malicious code in augis-pomdoi9r-osaissc npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/12 6:0 p.m.5 views

EUVD-2025-144824

Malicious code in vishalpandey npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/12 4:29 a.m.5 views

EUVD-2025-112978

Malicious code in halley-cressida-gacrux-hyperion npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 8:46 p.m.5 views

EUVD-2025-103096

Malicious code in patria-gorengan8-riris npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 3:19 p.m.3 views

EUVD-2025-87395

Malicious code in zul-dradag47-miaww npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 7:26 a.m.3 views

EUVD-2025-80011

Malicious code in wittyhare0xrequest npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 7:16 a.m.5 views

EUVD-2025-70356

Malicious code in fitri-sate14-ruro npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 5:18 a.m.3 views

EUVD-2025-64793

Malicious code in contemporarysquirrelz3n npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 5:18 a.m.3 views

EUVD-2025-65141

Malicious code in boredmanateez3n npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 12:41 a.m.3 views

EUVD-2025-52540

Malicious code in purring-coral-grouse npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 12:17 a.m.2 views

EUVD-2025-56652

Malicious code in vida-teh63-sluey npm...

6.6AI score
Exploits0
Vulnrichment
Vulnrichment
added 2025/11/10 9:40 p.m.3 views

CVE-2025-64502 Parse Server allows public `explain` queries which may expose sensitive database performance information and schema details

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. The MongoDB explain method provides detailed information about query execution plans, including index usage, collection scanning behavior, and performance metrics. Prior to version 8.5.0-alpha....

6.9CVSS6.3AI score0.00372EPSS
Exploits0References3
CVE
CVE
added 2025/11/10 9:40 p.m.12 views

CVE-2025-64502

Parse Server vulnerability CVE-2025-64502 arises from public explain() queries being allowed before the 8.5.0-alpha.5 release. The MongoDB Explain() output can reveal database schema, field names, index configurations, query optimization details, and execution statistics, which could aid targeted...

6.9CVSS6.5AI score0.00372EPSS
Exploits0References3
OSV
OSV
added 2025/11/10 9:40 p.m.6 views

CVE-2025-64502 Parse Server allows public `explain` queries which may expose sensitive database performance information and schema details

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. The MongoDB explain method provides detailed information about query execution plans, including index usage, collection scanning behavior, and performance metrics. Prior to version 8.5.0-alpha....

6.9CVSS6.6AI score0.00372EPSS
Exploits0References5
EUVD
EUVD
added 2025/11/10 5:18 a.m.0 views

EUVD-2025-41929

Malicious code in surya-brongkos49-sluey npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/10 4:5 a.m.1 views

EUVD-2025-41059

Malicious code in fauzi-donat87-riris npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/10 4:5 a.m.2 views

EUVD-2025-40951

Malicious code in tiara-gembus69-miaww npm...

6.6AI score
Exploits0
AstraLinux
AstraLinux
added 2025/10/31 4:38 p.m.2 views

Astra Linux - уязвимость в thunderbird

Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Prior to version 19.7.0, an attacker cooperating with a malicious homeserver can construct messages appearing to have come from another person. Such messages will be marked with a grey shield on some platforms, but this may be...

7.5CVSS6.8AI score0.00946EPSS
Exploits0References1
Snyk
Snyk
added 2025/10/09 11:53 p.m.1 views

Malicious Package

Overview chai-utils is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS6.8AI score
Exploits0References2
Snyk
Snyk
added 2025/10/09 9:6 p.m.1 views

Malicious Package

Overview redirect-zoju4g is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
Rows per page
Query Builder