Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-16454

Malicious code in bioql PyPI...

7CVSS6.4AI score0.00393EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-16455

Malicious code in bioql PyPI...

8.1CVSS6.4AI score0.0041EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-34994

Malicious code in bioql PyPI...

6.3CVSS6.6AI score0.00461EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-16452

Malicious code in bioql PyPI...

7CVSS6.4AI score0.0027EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-16450

Malicious code in bioql PyPI...

5.3CVSS6.4AI score0.00287EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/06/01 6:35 a.m.12 views

CVE-2025-48487

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, when creating a translation of a phrase that appears in a flash-message after a completed action, it is possible to inject a payload to exploit XSS vulnerability. This issue has been patched in version 1.8.180...

6CVSS6AI score0.00222EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/06/01 6:35 a.m.6 views

CVE-2025-48488

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, deleting the file .htaccess allows an attacker to upload an HTML file containing malicious JavaScript code to the server, which can result in a Cross-Site Scripting XSS vulnerability. This issue has been patch...

5.4CVSS6AI score0.00216EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/06/01 5:35 a.m.10 views

CVE-2025-48482

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, there is a mass assignment vulnerability. The Customer object is updated using the fill method, which processes fields such as channel and channelid. However, the fill method is called with all client-provided...

5.3CVSS6.9AI score0.00287EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/06/01 4:35 a.m.9 views

CVE-2025-48477

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the application's logic requires the user to perform a correct sequence of actions to implement a functional capability, but the application allows access to the functional capability without correctly...

8.1CVSS6.8AI score0.0041EPSS
Exploits1References1
NVD
NVD
added 2025/05/30 5:15 a.m.11 views

CVE-2025-48476

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, when adding and editing user records using the fill method, there is no check for the absence of the password field in the data coming from the user, which leads to a mass-assignment vulnerability. As a result...

8.8CVSS0.00448EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/05/30 4:35 a.m.13 views

CVE-2025-48482 FreeScout Has Business Logic Errors

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, there is a mass assignment vulnerability. The Customer object is updated using the fill method, which processes fields such as channel and channelid. However, the fill method is called with all client-provided...

5.3CVSS0.00287EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/05/30 4:35 a.m.23 views

CVE-2025-48481 FreeScout Has Business Logic Errors

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, an attacker with an unactivated email invitation containing invitehash, can exploit this vulnerability to self-activate their account, despite it being blocked or deleted, by leveraging the invitation link fro...

6.1CVSS0.00452EPSS
Exploits1References1
CVE
CVE
added 2025/05/29 3:55 p.m.62 views

CVE-2025-48474

CVE-2025-48474 concerns FreeScout (prior to 1.8.180). The issue is improper access-rights checks for conversations, allowing users enabled with show_only_assigned_conversations to assign themselves to any accessible conversation and bypass viewing restrictions. The vulnerability is patched in ver...

8.1CVSS6.7AI score0.00406EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/29 3:27 p.m.9 views

CVE-2025-48473 FreeScout Vulnerable to Insufficient Authorization

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.179, when creating a conversation from a message in another conversation, there is no check to ensure that the user has the ability to view this message. Thus, the user can view arbitrary messages from other...

5.3CVSS6.9AI score0.00321EPSS
Exploits1References2
Rows per page
Query Builder