CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5335 matches found

Prion•added 2023/02/23 6:15 a.m.•13 views

Design/Logic Flaw

ThingsBoard 3.4.1 could allow a remote attacker to gain elevated privileges because hard-coded service credentials usable for privilege escalation are stored in an insecure format. To read this stored data, the attacker needs access to the application server or its source code...

5.1CVSS8.1AI score0.01129EPSS

Exploits0References2Affected Software1

OSSF Malicious Packages•added 2023/02/23 12:0 a.m.•4 views

Malicious code in pagseguro-utils-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx f7a3386fd85bb30de547429241a02add188cf0bcb06352f465f9a5f403408db6 Malicious packages campaign since 2021 targeting developers, steals source code and secrets...

7.2AI score

Exploits0References1

OSV•added 2023/02/23 12:0 a.m.•9 views

MAL-2023-7996 Malicious code in @pagseguro/nest (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx b16a70a89161283b99538bb25fdbaecc235a75a73c7a471c98ad831fc08a7cdf Malicious packages campaign since 2021 targeting developers, steals source code and secrets...

7.4AI score

Exploits0References1

Positive Technologies•added 2023/02/23 12:0 a.m.•4 views

PT-2023-20655 · Unknown · Thingsboard

Name of the Vulnerable Software and Affected Versions: ThingsBoard version 3.4.1 Description: The issue allows a remote attacker to gain elevated privileges due to hard-coded service credentials being stored in an insecure format. To exploit this, an attacker would need access to the application...

8.1CVSS8.2AI score0.01129EPSS

Exploits0References5

Cvelist•added 2023/02/23 12:0 a.m.•13 views

CVE-2023-26462

8.4AI score0.01129EPSS

Exploits0References2

OSV•added 2023/02/23 12:0 a.m.•10 views

MAL-2023-7997 Malicious code in @pagseguro/ps-bootstrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 492467e28bf1b4fe156c5a01fadd9b075b419bc9dc92fb95a8048b523d16cbf0 Malicious packages campaign since 2021 targeting developers, steals source code and secrets...

7.4AI score

Exploits0References1

OSV•added 2023/02/23 12:0 a.m.•11 views

MAL-2023-8000 Malicious code in @pagseguro/ps-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 215b7859b73d06b74ebd0b73fe0a349c7de24b2e7e87046a0f92488d2d1f32fe Malicious packages campaign since 2021 targeting developers, steals source code and secrets...

7.4AI score

Exploits0References1

OSV•added 2023/02/23 12:0 a.m.•10 views

MAL-2023-8006 Malicious code in @pagseguro/stylelint-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx a77a0e8f023eb828ca6897ba36220e030972b11f244c8f48c031c928e5342367 Malicious packages campaign since 2021 targeting developers, steals source code and secrets...

7.4AI score

Exploits0References1

OSV•added 2023/02/23 12:0 a.m.•13 views

MAL-2023-7994 Malicious code in @pagseguro/axios-instance (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx a465c79cb8dc5ed82a72b242444916efda5a4f4db9bdd4a28c24b6a7994d350b Malicious packages campaign since 2021 targeting developers, steals source code and secrets...

7.4AI score

Exploits0References1

OSV•added 2023/02/23 12:0 a.m.•9 views

MAL-2023-8033 Malicious code in pagseguro-utils-test (npm)

7.4AI score

Exploits0References1

OSV•added 2023/02/23 12:0 a.m.•11 views

MAL-2023-7999 Malicious code in @pagseguro/ps-crypt-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 40a6f6bf343548e89c4d7feaa6420d2c19f90bf043babf42602824d186d4a691 Malicious packages campaign since 2021 targeting developers, steals source code and secrets...

7.4AI score

Exploits0References1

OSV•added 2023/02/23 12:0 a.m.•12 views

MAL-2023-7998 Malicious code in @pagseguro/ps-cart-recovery (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx d346211619464a6ebd3e0d7ec8ea2f1eea16c76edd0f48bab81b5640c0ee16b5 Malicious packages campaign since 2021 targeting developers, steals source code and secrets...

7.4AI score

Exploits0References1

OSV•added 2023/02/23 12:0 a.m.•11 views

MAL-2023-8003 Malicious code in @pagseguro/ps-security-services (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx dc36ef7ae93e63465de236217ebce560fe96cb785ae06b4a53b7d5733be61fbf Malicious packages campaign since 2021 targeting developers, steals source code and secrets...

7.4AI score

Exploits0References1

OSV•added 2023/02/23 12:0 a.m.•12 views

MAL-2023-8002 Malicious code in @pagseguro/ps-requests-ws (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 454a292eff1e0d6b8df49d31d21284597d92f0a7d4690619b9c85437e8d0c597 Malicious packages campaign since 2021 targeting developers, steals source code and secrets...

7.4AI score

Exploits0References1

OSV•added 2023/02/23 12:0 a.m.•8 views

MAL-2023-47 Malicious code in @pagseguro/pagseguro-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 8e3f853a167ac4fc6f37a0c3b1b12bdba5e57f568800476f319399643b6b0fa9 Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...

7.4AI score

Exploits0References2

OSV•added 2023/02/22 11:15 p.m.•4 views

CVE-2022-48149

Online Student Admission System in PHP Free Source Code 1.0 was discovered to contain a SQL injection vulnerability via the username parameter...

9.8CVSS5.8AI score0.00647EPSS

Exploits0References1

Vulnrichment•added 2023/02/22 12:0 a.m.•5 views

CVE-2022-48149

Online Student Admission System in PHP Free Source Code 1.0 was discovered to contain a SQL injection vulnerability via the username parameter...

9.9AI score0.00647EPSS

Exploits0References1

CVE•added 2023/02/22 12:0 a.m.•56 views

CVE-2022-48149

CVE-2022-48149 affects the Online Student Admission System in PHP Free Source Code 1.0. The vulnerability is a SQL injection via the username parameter in the login/auth flow. Documented CVSSv3.1 base score 9.8 (CRITICAL) with network attack vector, no privileges required, no user interaction, an...

9.8CVSS9.8AI score0.00647EPSS

Exploits0References1Affected Software1

OSV•added 2023/02/22 12:0 a.m.•9 views

MAL-2023-1098 Malicious code in @pagseguro/pagseguro-utils-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 1ca218112e7cf19df5928168bb7ac862f943cd50af825db0fd09289b710a719d Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ossf-package-analysis...

7.5AI score

Exploits0References1

F5 Networks•added 2023/02/21 6:35 p.m.•80 views

K74013101: Binutils vulnerability CVE-2021-42574

Security Advisory Description An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequences, which can be used to craft source code that renders different logic than the logical ordering of...

8.3CVSS8.1AI score0.12205EPSS

Exploits4Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by