Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-14530

Malicious code in bioql PyPI...

9.1CVSS6.3AI score0.10286EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/06/18 10:21 a.m.9 views

CVE-2025-25264

An unauthenticated remote attacker can trick an admin to visit a website containing malicious java script code. The current overly permissive CORS policy allows the attacker to obtain any files from the file system...

6.5CVSS6.9AI score0.00386EPSS
Exploits0References1
CVE
CVE
added 2025/05/13 8:49 p.m.70 views

CVE-2025-43564

Adobe ColdFusion (versions 2025.1, 2023.13, 2021.19 and earlier) is affected by an Improper Access Control vulnerability that can allow arbitrary file system read. The issue stems from improper access restrictions and could let a high-privileged attacker access or modify sensitive data without au...

9.1CVSS6.1AI score0.10286EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/05/13 8:49 p.m.64 views

CVE-2025-43563

CVE-2025-43563 affects Adobe ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier. It is an Improper Access Control vulnerability that could enable an attacker with high privileges to perform an arbitrary file system read, potentially accessing or modifying sensitive data. Exploitation requir...

9.1CVSS6.1AI score0.10286EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/05/13 8:49 p.m.40 views

CVE-2025-43563 ColdFusion | Improper Access Control (CWE-284)

ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary file system read. A high-privileged attacker could leverage this vulnerability to access or modify sensitive data without proper authorization...

9.1CVSS0.10286EPSS
Exploits0References1
CNVD
CNVD
added 2023/11/01 12:0 a.m.8 views

Google Android Information Disclosure Vulnerability (CNVD-2024-05383)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that can be exploited by attackers to obtain sensitive information...

5.5CVSS6.1AI score0.00097EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/06/24 3:0 p.m.7 views

CVE-2022-1517 3.2.1 EXECUTION WITH UNNECESSARY PRIVILEGES CWE-250

LRM utilizes elevated privileges. An unauthenticated malicious actor can upload and execute code remotely at the operating system level, which can allow an attacker to change settings, configurations, software, or access sensitive data on the affected produc. An attacker could also exploit this...

10CVSS7.3AI score0.01644EPSS
Exploits0References1
exploitpack
exploitpack
added 2003/08/25 12:0 a.m.16 views

newsPHP 216 - Authentication Bypass

newsPHP 216 - Authentication Bypass source: https://www.securityfocus.com/bid/8489/info A vulnerability is reported to exist in newPHP that may allow an attacker to gain access to a vulnerable host due to improper verification of authentication credentials. This issue may be exploited to gain...

0.4AI score
Exploits0
Rows per page
Query Builder