Lucene search
K

358 matches found

RedhatCVE
RedhatCVE
added 2026/02/06 1:25 a.m.6 views

CVE-2026-25519

OpenSlides is a free, web based presentation and assembly system for managing and projecting agenda, motions and elections of an assembly. Prior to version 4.2.29, OpenSlides supports local logins with username and password or an optionally configurable single sign on with SAML via an external ID...

9.8CVSS5.3AI score0.00492EPSS
Exploits0References1
OSV
OSV
added 2026/02/04 8:50 p.m.4 views

CVE-2026-25519 OpenSlides has incorrect access control vulnerability in authentication service

OpenSlides is a free, web based presentation and assembly system for managing and projecting agenda, motions and elections of an assembly. Prior to version 4.2.29, OpenSlides supports local logins with username and password or an optionally configurable single sign on with SAML via an external ID...

8.1CVSS5.4AI score0.00492EPSS
Exploits0References6
CVE
CVE
added 2026/01/09 9:17 p.m.11 views

CVE-2025-62487

CVE-2025-62487 affects Palantir Dossier and Slides apps (Dossier front-end). Root cause: a May 2025 change intended to enable cross-artifact file sharing caused uploads to not be properly marked with security levels. In CBAC-enabled deployments, a security picker dialog lets users set the level, ...

3.5CVSS6.4AI score0.00196EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/09 9:17 p.m.5 views

CVE-2025-62487 Under certain configurations, file artifacts uploaded to the Dossier and Slides apps did not inherit security markings of their parent artifact. This lack of security markings could lead to unintended access to the uploaded files.

On October 1, 2025, Palantir discovered that images uploaded through the Dossier front-end app were not being marked correctly with the proper security levels. The regression was traced back to a change in May 2025, which was meant to allow file uploads to be shared among different artifacts e.g...

3.5CVSS6.4AI score0.00196EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/09 9:17 p.m.22 views

CVE-2025-62487 Under certain configurations, file artifacts uploaded to the Dossier and Slides apps did not inherit security markings of their parent artifact. This lack of security markings could lead to unintended access to the uploaded files.

On October 1, 2025, Palantir discovered that images uploaded through the Dossier front-end app were not being marked correctly with the proper security levels. The regression was traced back to a change in May 2025, which was meant to allow file uploads to be shared among different artifacts e.g...

3.5CVSS0.00196EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:17 a.m.8 views

CVE-2025-23919

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Ella Van Durpe Slides & Presentations slide allows Code Injection.This issue affects Slides & Presentations: from n/a through = 0.0.39...

5.4CVSS7.3AI score0.00504EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/09 12:0 a.m.11 views

PT-2026-1839

Name of the Vulnerable Software and Affected Versions Palantir Dossier and Slides apps affected versions not specified Description Images uploaded through the Dossier front-end app were not consistently marked with the correct security levels. This issue stemmed from a change implemented in May...

3.5CVSS6.3AI score0.00196EPSS
Exploits0References4
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-176036

Malicious code in technosignature-quark-quito-slides npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.8 views

EUVD-2025-177559

Malicious code in node-sass-slides-koa-hexo npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.9 views

Malicious code in sadr-membrane-slides-meteor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a9f5afa3f0909d32cb9061af02d912fe9587dcc198b2456101683b37f285bbb7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.7 views

Malicious code in relay-slides-kinetic-query (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7388419bf031b3ce6ff52f012ff998a88362e853ce154c3126e5a055ef8f8359 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-176156

Malicious code in subscription-asteroid-paleoanthropology-slides npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-175909

Malicious code in transform-galaxy-writable-slides npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-176345

Malicious code in slides-photon-nightwatch-stratigraphy npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in isostasy-slides-augmentedreality-jabbah (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5c520fdb6218dccc2dc1ade6fa90c7843862fb37f3d60582efabe4b3962017e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-177641

Malicious code in nestjs-postcss-loader-slides-spinner npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.10 views

Malicious code in spawn-webpack-nightwatch-slides (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 318806806d481ef740dd17c622bc164b94a295e29a9282fc7c00d3951dfeaee0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.5 views

EUVD-2025-178983

Malicious code in exobiology-callback-commitlint-config-angular-slides npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-178866

Malicious code in forever-zephyr-pavo-slides npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-177546

Malicious code in nodemon-slides-frontend-tethys npm...

6.6AI score
Exploits0
Rows per page
Query Builder