Lucene search
K

182 matches found

Vulnrichment
Vulnrichment
added 2025/09/15 4:12 p.m.8 views

CVE-2025-58748 Dataease H2 data source JDBC URL validation bypass leads to remote code execution

Dataease is an open source data analytics and visualization platform. In Dataease versions up to 2.10.12 the H2 data source implementation H2.java does not verify that a provided JDBC URL starts with jdbc:h2. This lack of validation allows a crafted JDBC configuration that substitutes the Amazon...

8.7CVSS7.4AI score0.00758EPSS
Exploits1References2
Circl
Circl
added 2025/09/11 1:37 p.m.5 views

CVE-2025-42911

creationtimestamp| type| source ---|---|--- 2025-09-11 13:37:23+00:00| seen| https://vulnerability.circl.lu/bundle/43ff9e04-da8f-45fe-a06a-e8f9b84a2d14...

5CVSS4.8AI score0.002EPSS
Exploits0References1
Circl
Circl
added 2025/08/26 8:16 a.m.4 views

CVE-2025-24188

creationtimestamp| type| source ---|---|--- 2025-08-26 08:16:53+00:00| seen| https://vulnerability.circl.lu/bundle/c1aa3b44-ae54-436b-b3c3-a88194ecb70e...

6.5CVSS4.8AI score0.0055EPSS
Exploits0References1
Circl
Circl
added 2025/08/26 8:16 a.m.2 views

CVE-2025-43216

creationtimestamp| type| source ---|---|--- 2025-08-26 08:16:53+00:00| seen| https://vulnerability.circl.lu/bundle/c1aa3b44-ae54-436b-b3c3-a88194ecb70e...

6.5CVSS7AI score0.01022EPSS
Exploits0References1
Circl
Circl
added 2025/08/22 4:22 p.m.14 views

CVE-2025-54812

creationtimestamp| type| source ---|---|--- 2025-08-22 16:22:58+00:00| seen| https://seclists.org/oss-sec/2025/q3/134 2025-08-22 18:48:58+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3lwz4ocotud2y 2025-08-22 19:01:44+00:00| seen|...

5.4CVSS6.5AI score0.01084EPSS
Exploits0References3
OSV
OSV
added 2025/08/15 12:2 a.m.4 views

OSV-2025-631 Null-dereference READ in [email protected]

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=438264629 Crash type: Null-dereference READ Crash state: [email protected]...

7.2AI score
Exploits0References1
vulnersOsv
vulnersOsv
added 2025/08/14 6:52 p.m.6 views

04-as-contact-numbers-menu-cli (=1.0.0), 10xanswers (>=1.0.11 <=1.0.36) +424 more potentially affected by unknown CVE via save-dev (=0.0.1-security)

save-dev NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on save-dev and may be impacted: - 04-as-contact-numbers-menu-cli =1.0.0 - 10xanswers =1.0.11, =3.0.2, =1.6.5, =1.9.1, =1.2.0, =1.1.6, =0.2.1, =1.0.0 - @andes/plex =8.0.1...

5.7AI score
Exploits0
vulnersOsv
vulnersOsv
added 2025/08/14 6:52 p.m.6 views

go-api-starter (>=0.0.0 <=1.3.0), redux-starter (>=0.0.0 <=1.1.0) potentially affected by unknown CVE via kik-starter (>=0.0.1 <=2.2.1)

kik-starter NPM version =0.0.1, =0.0.0, =0.0.0, =1.1.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-24454...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2025/08/14 6:52 p.m.8 views

@alu0101350158/constant-folding (>=1.0.0 <=1.3.9), @mp-next/build (>=0.0.1-alpha.27 <=0.0.1-alpha.34) +9 more potentially affected by unknown CVE via commmander (=0.0.1-security)

commmander NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on commmander and may be impacted: - @alu0101350158/constant-folding =1.0.0, =0.0.1-alpha.27, =1.0.0, =0.0.1, =1.0.0, =1.0.0, =1.0.0, =1.0.3 - zhoukang-cli =1.0.0 Sourc...

5.7AI score
Exploits0
Circl
Circl
added 2025/08/05 12:12 a.m.11 views

CVE-2025-8524

creationtimestamp| type| source ---|---|--- 2025-08-05 00:12:54+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lvmgeyptll2d...

5.3CVSS7.3AI score0.00123EPSS
Exploits0References1
Circl
Circl
added 2025/07/30 7:59 a.m.8 views

CVE-2025-22431

creationtimestamp| type| source ---|---|--- 2025-07-30 07:59:24+00:00| seen| https://vulnerability.circl.lu/bundle/9d7fef5d-952d-4ecc-880d-94d02304e7a3...

5.5CVSS4.8AI score0.00077EPSS
Exploits0References1
Circl
Circl
added 2025/07/30 7:59 a.m.8 views

CVE-2025-26429

creationtimestamp| type| source ---|---|--- 2025-07-30 07:59:24+00:00| seen| https://vulnerability.circl.lu/bundle/9d7fef5d-952d-4ecc-880d-94d02304e7a3...

5.5CVSS5.8AI score0.00076EPSS
Exploits0References1
Circl
Circl
added 2025/07/19 8:51 a.m.15 views

CVE-2025-29757

creationtimestamp| type| source ---|---|--- 2025-07-19 08:51:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3luclftybu22i...

9.4CVSS4.8AI score0.00376EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/18 5:58 p.m.7 views

CVE-2025-53938

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. An Authentication Bypass vulnerability was identified in the /dao/verificarrecursoscargo.php endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows unauthenticated...

7.5CVSS6.5AI score0.00626EPSS
Exploits1References1
OSV
OSV
added 2025/07/14 10:16 p.m.5 views

CVE-2025-53821 WeGIA vulnerable to Open Redirect in endpoint 'control.php' parameter 'nextPage'

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. An Open Redirect vulnerability exists in the web application prior to version 3.4.5. The control.php endpoint allows to specify an arbitrary URL via the nextPage parameter, leading to an...

4.7CVSS6.9AI score0.00223EPSS
Exploits1References3
NVD
NVD
added 2025/07/04 2:15 p.m.4 views

CVE-2025-38217

In the Linux kernel, the following vulnerability has been resolved: hwmon: ftsteutates Fix TOCTOU race in ftsread In the ftsread function, when handling hwmonpwmautochannelstemp, the code accesses the shared variable data-fansourcechannel twice without holding any locks. It is first checked again...

4.7CVSS0.00101EPSS
Exploits0References4
WPVulnDB
WPVulnDB
added 2025/06/30 12:0 a.m.11 views

Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer < 2.3.67 - DOM-Based Reflected Cross-Site Scripting via 'pdf-source'

Description The Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer plugin for WordPress is vulnerable to DOM-Based Reflected Cross-Site Scripting via the ‘pdf-source’ parameter in all versions up to, and including, 2.3.65 due to insufficient input sanitization and output escaping...

6.1CVSS5.9AI score0.0026EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2025/06/11 10:11 p.m.6 views

goodpkgmamamamamamam (=1.0.0) potentially affected by unknown CVE via mtrtestinglalalal (=0.0.1-security)

mtrtestinglalalal NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on mtrtestinglalalal and may be impacted: - goodpkgmamamamamamam =1.0.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-5040...

5.8AI score
Exploits0
Circl
Circl
added 2025/06/05 6:1 a.m.26 views

CVE-2025-3054

creationtimestamp| type| source ---|---|--- 2025-06-05 06:01:27+00:00| published-proof-of-concept| Telegram/uHWvAuvUwozE9xqR-TnjEBub-qWhHMqFHErXUgC3HaO00ME 2025-06-05 06:49:03+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqtq34qno7v2...

8.8CVSS4.8AI score0.00797EPSS
Exploits1References3
Circl
Circl
added 2025/06/04 2:21 p.m.11 views

CVE-2025-48962

creationtimestamp| type| source ---|---|--- 2025-06-04 14:21:02+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqrytbvuol42 2025-06-04 16:53:24+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lqsbewobi72s...

4.3CVSS7AI score0.002EPSS
Exploits0References2
Rows per page
Query Builder