Lucene search
K

358 matches found

RedhatCVE
RedhatCVE
added 2026/02/06 1:25 a.m.4 views

CVE-2026-25519

OpenSlides is a free, web based presentation and assembly system for managing and projecting agenda, motions and elections of an assembly. Prior to version 4.2.29, OpenSlides supports local logins with username and password or an optionally configurable single sign on with SAML via an external ID...

9.8CVSS5.3AI score0.00492EPSS
Exploits0References1
OSV
OSV
added 2026/02/04 8:50 p.m.3 views

CVE-2026-25519 OpenSlides has incorrect access control vulnerability in authentication service

OpenSlides is a free, web based presentation and assembly system for managing and projecting agenda, motions and elections of an assembly. Prior to version 4.2.29, OpenSlides supports local logins with username and password or an optionally configurable single sign on with SAML via an external ID...

8.1CVSS5.4AI score0.00492EPSS
Exploits0References6
CVE
CVE
added 2026/01/09 9:17 p.m.11 views

CVE-2025-62487

CVE-2025-62487 affects Palantir Dossier and Slides apps (Dossier front-end). Root cause: a May 2025 change intended to enable cross-artifact file sharing caused uploads to not be properly marked with security levels. In CBAC-enabled deployments, a security picker dialog lets users set the level, ...

3.5CVSS6.4AI score0.00196EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/09 9:17 p.m.5 views

CVE-2025-62487 Under certain configurations, file artifacts uploaded to the Dossier and Slides apps did not inherit security markings of their parent artifact. This lack of security markings could lead to unintended access to the uploaded files.

On October 1, 2025, Palantir discovered that images uploaded through the Dossier front-end app were not being marked correctly with the proper security levels. The regression was traced back to a change in May 2025, which was meant to allow file uploads to be shared among different artifacts e.g...

3.5CVSS6.4AI score0.00196EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/09 9:17 p.m.22 views

CVE-2025-62487 Under certain configurations, file artifacts uploaded to the Dossier and Slides apps did not inherit security markings of their parent artifact. This lack of security markings could lead to unintended access to the uploaded files.

On October 1, 2025, Palantir discovered that images uploaded through the Dossier front-end app were not being marked correctly with the proper security levels. The regression was traced back to a change in May 2025, which was meant to allow file uploads to be shared among different artifacts e.g...

3.5CVSS0.00196EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:17 a.m.8 views

CVE-2025-23919

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Ella Van Durpe Slides & Presentations slide allows Code Injection.This issue affects Slides & Presentations: from n/a through = 0.0.39...

5.4CVSS7.3AI score0.00504EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/09 12:0 a.m.10 views

PT-2026-1839

Name of the Vulnerable Software and Affected Versions Palantir Dossier and Slides apps affected versions not specified Description Images uploaded through the Dossier front-end app were not consistently marked with the correct security levels. This issue stemmed from a change implemented in May...

3.5CVSS6.3AI score0.00196EPSS
Exploits0References4
EUVD
EUVD
added 2025/11/13 3:23 a.m.1 views

EUVD-2025-175937

Malicious code in titan-fusion-virgo-slides npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-176273

Malicious code in spawn-webpack-nightwatch-slides npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-176036

Malicious code in technosignature-quark-quito-slides npm...

6.6AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.5 views

MAL-2025-186330 Malicious code in cosmiconfig-gatsby-janus-slides (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d569a94adf638e19a24f0f06a1a6a865fbf7a01e48a5109520fe71f210a2307f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.8 views

EUVD-2025-177559

Malicious code in node-sass-slides-koa-hexo npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.9 views

Malicious code in sadr-membrane-slides-meteor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a9f5afa3f0909d32cb9061af02d912fe9587dcc198b2456101683b37f285bbb7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.7 views

Malicious code in relay-slides-kinetic-query (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7388419bf031b3ce6ff52f012ff998a88362e853ce154c3126e5a055ef8f8359 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.7 views

Malicious code in transform-galaxy-writable-slides (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38258b4baa1561b71fdae66ddb0bd2ac471ea1659801128433146ac90ecd09b3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-179552

Malicious code in cosmiconfig-gatsby-janus-slides npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-175909

Malicious code in transform-galaxy-writable-slides npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-176156

Malicious code in subscription-asteroid-paleoanthropology-slides npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.5 views

EUVD-2025-179625

Malicious code in commitlint-slides-octans-resolvers npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-176345

Malicious code in slides-photon-nightwatch-stratigraphy npm...

6.6AI score
Exploits0
Rows per page
Query Builder