Lucene search
+L

131 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-27314

Malicious code in bioql PyPI...

9.6CVSS9.4AI score0.00634EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2022-41799

Malicious code in bioql PyPI...

9.1CVSS8.5AI score0.01579EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-51561

Malicious code in bioql PyPI...

5.3CVSS9.2AI score0.0051EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.24 views

EUVD-2023-38111

Malicious code in bioql PyPI...

9.4CVSS9.1AI score0.00691EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-47536

Malicious code in bioql PyPI...

8.7CVSS6.6AI score0.00631EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-58232

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00373EPSS
Exploits1References1
CVE
CVE
added 2025/07/14 2:35 a.m.25 views

CVE-2025-7451

The CVE-2025-7451 entry concerns the iSherlock software by Hgiga, where an OS Command Injection vulnerability allows unauthenticated remote attackers to inject and execute arbitrary OS commands on the server. The issue stems from a command-injection root cause enabling full system impact (confide...

9.8CVSS7.7AI score0.0141EPSS
In wildExploits0References2
Cvelist
Cvelist
added 2025/07/11 6:43 a.m.13 views

CVE-2025-5392 GB Forms DB <= 1.0.2 - Unauthenticated Remote Code Execution

The GB Forms DB plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.0.2 via the gbfdbtalktofront function. This is due to the function accepting user input and then passing that through calluserfunc. This makes it possible for unauthenticated...

9.8CVSS0.00838EPSS
Exploits0References4
Redos
Redos
added 2025/07/01 12:0 a.m.12 views

ROS-20250630-09

Vulnerability of net/http, x/net/proxy and x/net/http/httpproxy packages of Go programming language is related to incorrect mapping of hosts to proxy server templates. Exploitation of the vulnerability could allow an intruder to affect confidentiality and availability of protected information A...

7.5CVSS8.2AI score0.00693EPSS
Exploits2
Cvelist
Cvelist
added 2025/06/16 2:13 p.m.24 views

CVE-2025-3594

Path traversal vulnerability with the downloading and installation of Xuggler in Liferay Portal 7.0.0 through 7.4.3.4, and Liferay DXP 7.4 GA, 7.3 GA through update 34, and older unsupported versions allows remote attackers to 1 add files to arbitrary locations on the server and 2 download and...

8.6CVSS0.00576EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/12 3:21 p.m.14 views

CVE-2024-34711

GeoServer is an open source server that allows users to share and edit geospatial data. An improper URI validation vulnerability exists that enables an unauthorized attacker to perform XML External Entities XEE attack, then send GET request to any HTTP server. By default, GeoServer use...

9.3CVSS9.2AI score0.00262EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/23 12:0 a.m.9 views

PT-2025-22773 · Unknown · Mojoomla Hospital Management System

Name of the Vulnerable Software and Affected Versions: mojoomla Hospital Management System versions 47.020 through 11 Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. This can lead to further...

9.9CVSS9.4AI score0.00347EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/05/23 12:0 a.m.6 views

PT-2025-22769 · Unknown · Ajar In5 Embed

Name of the Vulnerable Software and Affected Versions: Ajar in5 Embed versions 3.1.5 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. This can lead to further exploitation and potential...

10CVSS9.3AI score0.00365EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/05/23 12:0 a.m.5 views

PT-2025-22735 · Unknown · Crossword Compiler

Name of the Vulnerable Software and Affected Versions: Crossword Compiler Puzzles versions 5.2 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. This can lead to further exploitation and...

9.9CVSS9.5AI score0.00416EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 9:59 p.m.9 views

CVE-2022-44784

An issue was discovered in Appalti & Contratti 9.12.2. The target web applications LFS and DL229 expose a set of services provided by the Axis 1.4 instance, embedded directly into the applications, as hinted by the WEB-INF/web.xml file leaked through Local File Inclusion. Among the exposed...

8.8CVSS7.1AI score0.00984EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:22 p.m.7 views

CVE-2021-29448

Pi-hole is a Linux network-level advertisement and Internet tracker blocking application. The Stored XSS exists in the Pi-hole Admin portal, which can be exploited by the malicious actor with the network access to DNS server. See the referenced GitHub security advisory for patch details...

8.8CVSS6AI score0.00668EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:37 p.m.8 views

CVE-2020-2971

Vulnerability in the Oracle Application Express component of Oracle Database Server. Supported versions that are affected are 5.1-19.2. Easily exploitable vulnerability allows low privileged attacker having SQL Workshop privilege with network access via HTTP to compromise Oracle Application...

5.4CVSS6.2AI score0.00699EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:50 p.m.9 views

CVE-2020-10038

A vulnerability has been identified in SICAM MMU All versions V2.05, SICAM SGU All versions, SICAM T All versions V2.18. An attacker with access to the device's web server might be able to execute administrative commands without authentication...

9.8CVSS7.1AI score0.01235EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/19 12:0 a.m.10 views

PT-2025-22102 · Mojoomla · Mojoomla Hospital Management System

Name of the Vulnerable Software and Affected Versions: mojoomla Hospital Management System versions prior to 47.0 Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. This can lead to further...

10CVSS9.5AI score0.00359EPSS
Exploits0References4
NVD
NVD
added 2025/04/28 10:15 a.m.19 views

CVE-2025-3200

An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols to intercept and manipulate encrypted communications between the Com-Server and connected systems...

9.1CVSS0.00312EPSS
Exploits0References1
Rows per page
Query Builder