Lucene search
K

1244 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-9587

Malicious code in bioql PyPI...

4.4CVSS6.2AI score0.00223EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-3773

Malicious code in bioql PyPI...

5.9CVSS6.1AI score0.01179EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-50658

Malicious code in bioql PyPI...

5.3CVSS9.2AI score0.00377EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-32739

Malicious code in bioql PyPI...

9.1CVSS6.5AI score0.01834EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-59432

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00339EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-24547

Malicious code in bioql PyPI...

8.8CVSS6.5AI score0.00326EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/09/16 12:0 a.m.4 views

Code-Projects Food Ordering Review System 安全漏洞

Code-Projects Food Ordering Review System is an open source food ordering review system from Code-Projects. A security vulnerability exists in Code-Projects Food Ordering Review System version 1.0, which stems from incorrect handling of input in the user-submitted ordering information area and...

5.4CVSS5.9AI score0.00201EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.6 views

GitLab 8.15 < 18.1.5 / 18.2 < 18.2.5 / 18.3 < 18.3.1 (CVE-2025-3601)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions from 8.15 before 18.1.5, 18.2 before 18.2.5, and 18.3 before 18.3.1 that could have could have allowed an authenticated user to caus...

6.5CVSS5.5AI score0.00296EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/08/15 7:17 a.m.4 views

CVE-2025-6184

The Tutor LMS Pro – eLearning and online course solution plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order’ parameter used in the getsubmittedassignments function in all versions up to, and including, 3.7.0 due to insufficient escaping on the user supplied parameter an...

8.8CVSS7.7AI score0.00326EPSS
Exploits0References1
NVD
NVD
added 2025/08/13 7:15 a.m.9 views

CVE-2025-6184

The Tutor LMS Pro – eLearning and online course solution plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order’ parameter used in the getsubmittedassignments function in all versions up to, and including, 3.7.0 due to insufficient escaping on the user supplied parameter an...

8.8CVSS0.00326EPSS
Exploits0References3
CVE
CVE
added 2025/08/13 6:39 a.m.30 views

CVE-2025-6184

CVE-2025-6184 : Tutor LMS Pro (WordPress)

8.8CVSS7.5AI score0.00326EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/08/13 12:0 a.m.6 views

PT-2025-32967 · WordPress · Tutor Lms Pro

Name of the Vulnerable Software and Affected Versions: Tutor LMS Pro versions prior to 3.7.1 Description: The Tutor LMS Pro plugin for WordPress is susceptible to a time-based SQL Injection issue. This occurs due to insufficient input validation and query preparation when handling the order...

8.8CVSS7.4AI score0.00326EPSS
Exploits0References9
CNVD
CNVD
added 2025/07/21 12:0 a.m.4 views

GPT-SoVITS-WebUI code issue vulnerability (CNVD-2025-23578)

GPT-SoVITS-WebUI is a TTS training model. A code issue vulnerability exists in GPT-SoVITS-WebUI that stems from insecure deserialization of referencewebui.py when receiving serialized data submitted by a user, which can be exploited by an attacker to execute arbitrary commands on the system...

9.8CVSS7.8AI score0.00639EPSS
Exploits1References1
CNVD
CNVD
added 2025/07/21 12:0 a.m.3 views

GPT-SoVITS-WebUI Code Issue Vulnerability

GPT-SoVITS-WebUI is a TTS training model. A code issue vulnerability exists in GPT-SoVITS-WebUI that stems from unsafe deserialization handling of the AudioPreDeEcho class when receiving serialized data submitted by the user, which can be exploited by an attacker to execute arbitrary commands on...

9.8CVSS7.8AI score0.00661EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/07/15 12:0 a.m.5 views

GPT-SoVITS-WebUI 代码问题漏洞

GPT-SoVITS-WebUI is a TTS training model. A code issue vulnerability exists in GPT-SoVITS-WebUI, which stems from unsafe deserialization handling of the AudioPre class when receiving user-submitted serialized data, and can be exploited by an attacker to execute arbitrary commands on the system...

9.8CVSS7.5AI score0.00661EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/07/15 12:0 a.m.5 views

GPT-SoVITS-WebUI 代码问题漏洞

GPT-SoVITS-WebUI is a TTS training model. A code issue vulnerability exists in GPT-SoVITS-WebUI that stems from insecure deserialization of referencewebui.py when receiving serialized data submitted by a user, which can be exploited by an attacker to execute arbitrary commands on the system...

9.8CVSS7.5AI score0.00639EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/06/06 12:0 a.m.3 views

Apache InLong 代码问题漏洞

Apache InLong is the U.S. Apache Apache Foundation's one-stop massive data integration framework. Provides automated, secure and reliable data transfer capabilities. A deserialization vulnerability exists in Apache InLong versions prior to 1.13.0 to 2.1.0. The vulnerability stems from unsafe...

9.8CVSS7AI score0.00576EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 8:43 a.m.9 views

CVE-2024-5002

The User Submitted Posts WordPress plugin before 20240516 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.7AI score0.00423EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:27 a.m.6 views

CVE-2023-7251

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jeff Starr User Submitted Posts allows Stored XSS.This issue affects User Submitted Posts: from n/a through 20230901...

6.5CVSS5.2AI score0.00339EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:51 p.m.5 views

CVE-2022-31049

TYPO3 is an open source web content management system. Prior to versions 9.5.34 ELTS, 10.4.29, and 11.5.11, user submitted content was used without being properly encoded in HTML emails sent to users. The actually affected components were mail clients used to view those messages. TYPO3 versions...

5.4CVSS6.5AI score0.00717EPSS
Exploits0References1
Rows per page
Query Builder