7923 matches found

OSV
added 2026/04/01 5:58 a.m. | 8 views

MAL-2026-2317 Malicious code in pygithub-async-utils (PyPI)

Source: kam193 (3c20bbcf01f681691e2c58279ff8311b11abc35424e16ed9adc942cf82cca2ba). Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. Category: PROBABLYPENTES...

6 AI score
Exploits 0 | References 1
Vulnrichment
added 2026/04/01 12:00 a.m. | 3 views

CVE-2026-30643

An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted setup tag values in a module upload...

6 AI score | 0.00569 EPSS
Exploits 1 | References 2
Cvelist
added 2026/04/01 12:00 a.m. | 26 views

CVE-2026-30643

An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted setup tag values in a module upload...

0.00569 EPSS
Exploits 1 | References 2
ATTACKERKB
added 2026/04/01 12:00 a.m. | 6 views

CVE-2026-30643

An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted setup tag values in a module upload...

9.8 CVSS | 6 AI score | 0.00569 EPSS
Exploits 1 | References 3
CNNVD
added 2026/04/01 12:00 a.m. | 6 views

Checkmk security vulnerability

Checkmk is an IT monitoring platform developed by Checkmk Corporation. Versions of Checkmk prior to 2.5.0b2 and 2.4.0p25 contained security vulnerabilities. These vulnerabilities stemmed from insufficient permission validation for multiple REST API quick-setup endpoints, which could allow...

8.8 CVSS | 5.8 AI score | 0.00236 EPSS
Exploits 0 | References 1
Positive Technologies
added 2026/04/01 12:00 a.m. | 11 views

PT-2026-29567

🔴 CVE-2026-30643 - Critical An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted setup tag values in a module upload. https://t.co/rjHTzSsdI1 https://t.co/y2qo3h5iFP...

9.8 CVSS | 6 AI score | 0.00569 EPSS
Exploits 1 | References 5
CVE
added 2026/04/01 12:00 a.m. | 11 views

CVE-2026-30643

Summary: CVE-2026-30643 affects DedeCMS 5.7.118 and allows code execution via crafted setup tag values during a module upload. The description consistently states the root cause as the crafted setup tag values leading to remote code execution within the module upload process. The available source...

9.8 CVSS | 6 AI score | 0.00569 EPSS
Exploits 1 | References 2 | Affected Software 1
CNNVD
added 2026/04/01 12:00 a.m. | 5 views

DesDev DedeCMS security vulnerability

DesDev DedeCMS is an open-source content management system (CMS) developed by DesDev Corporation in China. It operates on the PHP platform and offers functions such as content publishing, management, editing, and retrieval. Version 5.7.118 of DesDev DedeCMS contains a security vulnerability, which...

9.8 CVSS | 5.9 AI score | 0.00569 EPSS
Exploits 1 | References 2
OSSF Malicious Packages
added 2026/03/31 9:26 a.m. | 7 views

Malicious code in officepyai (PyPI)

Source: kam193 (563256c9d63fdb25dd344ade9c0df9605a7b22e3fc849f2512f5366e557e562c). Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. Category: PROBABLYPENTES...

6 AI score
Exploits 0 | References 1
OSSF Malicious Packages
added 2026/03/31 5:36 a.m. | 11 views

Malicious code in lakeflow-community-connectors (PyPI)

Source: kam193 (931d6183e0dc407fb2c14769dcebb7d1845f4af9ca0b26766d75d783b5611165). Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. Category: PROBABLYPENTES...

6 AI score
Exploits 0 | References 1
Positive Technologies
added 2026/03/31 12:00 a.m. | 3 views

PT-2026-29282

Uncontrolled search path elements in Anthropic Claude for Windows installer (Claude Setup.exe) versions prior to 1.1.3363 allow local privilege escalation via DLL search-order hijacking. The installer loads DLLs (e.g., profapi.dll) from its own directory after UAC elevation, enabling arbitrary code...

4.7 CVSS | 6.4 AI score | 0.00177 EPSS
Exploits 0 | References 2
OSV
added 2026/03/30 8:21 p.m. | 3 views

MAL-2026-2305 Malicious code in databaseroboats (PyPI)

Source: kam193 (758a06f15ef5917ecf964bae5fa46f084b028b69c8dd133acb90da972f6a6f09). During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

6 AI score
Exploits 0 | References 9
OSSF Malicious Packages
added 2026/03/30 4:07 p.m. | 9 views

Malicious code in spanner-client (PyPI)

Source: kam193 (659a15d63f794432104121cf729687768f76fa3dadd0b4ae9d8c9327021122af). Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. Category: PROBABLYPENTES...

6 AI score
Exploits 0 | References 1
OSV
added 2026/03/30 4:07 p.m. | 4 views

MAL-2026-2304 Malicious code in spanner-client (PyPI)

Source: kam193 (659a15d63f794432104121cf729687768f76fa3dadd0b4ae9d8c9327021122af). Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. Category: PROBABLYPENTES...

6 AI score
Exploits 0 | References 1
OSV
added 2026/03/30 4:07 p.m. | 3 views

MAL-2026-2303 Malicious code in prodaccess (PyPI)

Source: kam193 (71f3b91c61448eb2dee3cfb46f56b4e38dab0202af78c52163d5b6ab98e85c2d). Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. Category: PROBABLYPENTES...

6 AI score
Exploits 0 | References 1
OSSF Malicious Packages
added 2026/03/30 4:06 p.m. | 6 views

Malicious code in dremel (PyPI)

Source: kam193 (27df3a2ebf6e129a3e640d55b9dd03b5f21cef1694cd6ccdae97e456f098ce2c). Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. Category: PROBABLYPENTES...

6 AI score
Exploits 0 | References 1
OSV
added 2026/03/30 4:04 p.m. | 6 views

MAL-2026-2302 Malicious code in loas (PyPI)

Source: kam193 (0177c14c2fb08f69729838152272244428733a8e3682c3cbdc6780ea2fab6e38). Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. Category: PROBABLYPENTES...

6 AI score
Exploits 0 | References 1
NVD
added 2026/03/30 12:16 p.m. | 5 views

CVE-2019-25653

Navicat for Oracle 12.1.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the password field. Attackers can paste a buffer of 550 repeated characters into the password parameter during Oracle connection...

6.9 CVSS | 0.00195 EPSS
Exploits 1 | References 4
RedHat Linux
added 2026/03/30 11:32 a.m. | 4 views

kernel: Linux kernel: Local denial of service and memory leak in DAMON sysfs via setup failure

A flaw was found in the Linux kernel's Data Access MONitor (DAMON) sysfs interface. A local attacker, typically a privileged user, could exploit a cleanup bug during DAMON context setup. If the setup fails after the attrs directory is created, stale sysfs directories are left behind. This can lead ...

5.5 CVSS | 5.8 AI score | 0.00122 EPSS
Exploits 0 | References 5
CVE
added 2026/03/30 11:02 a.m. | 14 views

CVE-2018-25233

Affected software: WebDrive 18.00.5057. Vulnerability: Denial of Service via Secure WebDAV. A local attacker can crash the application by sending an excessively long string in the username field during Secure WebDAV connection setup, with a described 5000-byte buffer-overflow payload in the usern...

6.9 CVSS | 5.9 AI score | 0.00206 EPSS
Exploits 1 | References 4 | Affected Software 1