Lucene search

447 matches found

EUVD
added 2025/10/03 8:07 p.m., 3 views

EUVD-2024-48235

Malicious code in bioql PyPI...

CVSS 7.2, AI score 6.5, EPSS 0.00525
Exploits: 0, References: 3

EUVD
added 2025/10/03 8:07 p.m., 5 views

EUVD-2024-18247

Malicious code in bioql PyPI...

CVSS 5.5, AI score 5.6, EPSS 0.00545
Exploits: 0, References: 1

EUVD
added 2025/10/03 8:07 p.m., 7 views

EUVD-2025-24469

Malicious code in bioql PyPI...

CVSS 7.2, AI score 6.3, EPSS 0.00571
Exploits: 1, References: 1

EUVD
added 2025/10/03 8:07 p.m., 5 views

EUVD-2024-18047

Malicious code in bioql PyPI...

CVSS 5.5, AI score 6.4, EPSS 0.00369
Exploits: 0, References: 1

AlpineLinux
added 2025/10/03 12:15 p.m., 3 views

CVE-2025-27231

The LDAP 'Bind password' value cannot be read after saving, but a Super Admin account can leak it by changing LDAP 'Host' to a rogue LDAP server. To mitigate this, the 'Bind password' value is now reset on 'Host' change...

CVSS 4.9, AI score 6.8, EPSS 0.00387
Exploits: 0, References: 1

OSV
added 2025/10/03 12:15 p.m., 4 views

DEBIAN-CVE-2025-27231

The LDAP 'Bind password' value cannot be read after saving, but a Super Admin account can leak it by changing LDAP 'Host' to a rogue LDAP server. To mitigate this, the 'Bind password' value is now reset on 'Host' change...

CVSS 4.9, AI score 5.3, EPSS 0.00387
Exploits: 0, References: 1

OSV
added 2025/10/03 12:15 p.m., 5 views

CVE-2025-27231

The LDAP 'Bind password' value cannot be read after saving, but a Super Admin account can leak it by changing LDAP 'Host' to a rogue LDAP server. To mitigate this, the 'Bind password' value is now reset on 'Host' change...

CVSS 4.9, AI score 6.8
Exploits: 0, References: 1

Cvelist
added 2025/10/03 11:25 a.m., 6 views

CVE-2025-27231 LDAP 'Bind password' field value can be leaked by a Zabbix Super Admin

The LDAP 'Bind password' value cannot be read after saving, but a Super Admin account can leak it by changing LDAP 'Host' to a rogue LDAP server. To mitigate this, the 'Bind password' value is now reset on 'Host' change...

CVSS 4.3, EPSS 0.00387
Exploits: 0, References: 1

Vulnrichment
added 2025/10/03 11:25 a.m., 2 views

CVE-2025-27231 LDAP 'Bind password' field value can be leaked by a Zabbix Super Admin

The LDAP 'Bind password' value cannot be read after saving, but a Super Admin account can leak it by changing LDAP 'Host' to a rogue LDAP server. To mitigate this, the 'Bind password' value is now reset on 'Host' change...

CVSS 4.3, AI score 6.4, EPSS 0.00387
Exploits: 0, References: 1

CVE
added 2025/10/03 11:25 a.m., 529 views

CVE-2025-27231

CVE-2025-27231 involves leakage of the LDAP Bind password in Zabbix deployments. According to connected advisories, the issue allows a Super Admin to exfiltrate the Bind password by altering the LDAP Host to a rogue server, even though the password cannot be read after saving under normal conditi...

CVSS 4.9, AI score 6.4, EPSS 0.00387
Exploits: 0, References: 1, Affected Software: 1

Debian CVE
added 2025/10/03 11:25 a.m., 4 views

CVE-2025-27231

The LDAP 'Bind password' value cannot be read after saving, but a Super Admin account can leak it by changing LDAP 'Host' to a rogue LDAP server. To mitigate this, the 'Bind password' value is now reset on 'Host' change...

CVSS 4.9, AI score 5.2, EPSS 0.00387
Exploits: 0

Tenable Nessus
added 2025/09/02 12:00 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2023-28634

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free asset and IT management software package. Starting in version 0.83 and prior to versions 9.5.13 and 10.0.7, a user who has the Technician profile...

CVSS 8.8, AI score 7.7, EPSS 0.00815
Exploits: 0, References: 2

Cvelist
added 2025/08/16 3:38 a.m., 8 views

CVE-2025-3671 WPGYM - Wordpress Gym Management System <= 67.7.0 - Authenticated (Subscriber+) Local File Inclusion to Privilege Escalation via Password Update

The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 67.7.0 via the 'page' parameter. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrar...

CVSS 8.8, EPSS 0.00693
Exploits: 0, References: 2

OSV
added 2025/08/12 7:15 p.m., 3 views

CVE-2025-53744

An incorrect privilege assignment vulnerability CWE-266 in FortiOS Security Fabric version 7.6.0 through 7.6.2, 7.4.0 through 7.4.7, 7.2 all versions, 7.0 all versions, 6.4 all versions, may allow a remote authenticated attacker with high privileges to escalate their privileges to super-admin via...

CVSS 7.2, AI score 5.8
Exploits: 0, References: 1

NVD
added 2025/08/12 7:15 p.m., 7 views

CVE-2025-53744

An incorrect privilege assignment vulnerability CWE-266 in FortiOS Security Fabric version 7.6.0 through 7.6.2, 7.4.0 through 7.4.7, 7.2 all versions, 7.0 all versions, 6.4 all versions, may allow a remote authenticated attacker with high privileges to escalate their privileges to super-admin via...

CVSS 7.2, EPSS 0.00571
Exploits: 1, References: 2

Cvelist
added 2025/08/12 6:59 p.m., 11 views

CVE-2025-53744

An incorrect privilege assignment vulnerability CWE-266 in FortiOS Security Fabric version 7.6.0 through 7.6.2, 7.4.0 through 7.4.7, 7.2 all versions, 7.0 all versions, 6.4 all versions, may allow a remote authenticated attacker with high privileges to escalate their privileges to super-admin via...

CVSS 7.2, EPSS 0.00571
Exploits: 1, References: 1

CVE
added 2025/08/12 6:59 p.m., 36 views

CVE-2025-53744

CVE-2025-53744 affects FortiOS Security Fabric across multiple lines: FortiOS Security Fabric versions 7.6.0–7.6.2, 7.4.0–7.4.7, 7.2, 7.0, and 6.4 all are vulnerable to an improper privilege assignment (CWE-266) that can let a remote authenticated attacker with high privileges escalate to super-a...

CVSS 7.2, AI score 7.1, EPSS 0.00571
Exploits: 1, References: 2, Affected Software: 1

ATTACKERKB
added 2025/08/12 6:59 p.m., 6 views

CVE-2025-53744

An incorrect privilege assignment vulnerability CWE-266 in FortiOS Security Fabric version 7.6.0 through 7.6.2, 7.4.0 through 7.4.7, 7.2 all versions, 7.0 all versions, 6.4 all versions, may allow a remote authenticated attacker with high privileges to escalate their privileges to super-admin via...

CVSS 7.2, AI score 5.8, EPSS 0.00571
Exploits: 1, References: 2, Affected Software: 1

Positive Technologies
added 2025/08/12 12:00 a.m., 7 views

PT-2025-32884 · Fortinet · Fortios Security Fabric

Name of the Vulnerable Software and Affected Versions: FortiOS Security Fabric versions 6.4 all versions FortiOS Security Fabric versions 7.0 all versions FortiOS Security Fabric versions 7.2 all versions FortiOS Security Fabric versions 7.4.0 through 7.4.7 FortiOS Security Fabric versions 7.6.0...

CVSS 9, AI score 7.3, EPSS 0.00571
Exploits: 1, References: 6

Schneier on Security
added 2025/08/01 11:07 a.m., 6 views

Spying on People Through Airportr Luggage Delivery Service

Airportr is a service that allows passengers to have their luggage picked up, checked, and delivered to their destinations. As you might expect, it's used by wealthy or important people. So if the company's website is insecure, you'd be able to spy on lots of wealthy or important people. And mayb...

AI score 7.4
Exploits: 0