84 matches found
EUVD-2019-17184
Malware in sbrugna...
EUVD-2017-9492
Malware in sbrugna...
EUVD-2018-12793
Malware in sbrugna...
EUVD-2025-28245
Malicious code in bioql PyPI...
EUVD-2025-28246
Malicious code in bioql PyPI...
EUVD-2024-20404
Malicious code in bioql PyPI...
EUVD-2025-28248
Malicious code in bioql PyPI...
EUVD-2024-20405
Malicious code in bioql PyPI...
EUVD-2023-42816
Malicious code in bioql PyPI...
EUVD-2025-28247
Malicious code in bioql PyPI...
CVE-2025-48740
A Cross-Site Request Forgery CSRF vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11, 5.4.0 before 5.4.10, and 5.5.0 before 5.5.1 allows a remote attacker to trigger requests on their victim's behalf, if the attacker lures a privileged user, authenticated with basic...
CVE-2025-48741
A Broken Access Control vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11, and 5.4.0 before 5.4.10 allows remote, authenticated, and unprivileged users to retrieve alerts, cases, logs, observables, or tasks, regardless of the user's permissions, through a specific API...
CVE-2025-48738
An e-mail flooding vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11, 5.4.0 before 5.4.10, and 5.5.0 before 5.5.1 allows unauthenticated remote attackers to use the password reset feature without limits. This can lead to several consequences, including mailbox storage...
CVE-2025-48738
An e-mail flooding vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11, 5.4.0 before 5.4.10, and 5.5.0 before 5.5.1 allows unauthenticated remote attackers to use the password reset feature without limits. This can lead to several consequences, including mailbox storage...
CVE-2025-48741
A Broken Access Control vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11, and 5.4.0 before 5.4.10 allows remote, authenticated, and unprivileged users to retrieve alerts, cases, logs, observables, or tasks, regardless of the user's permissions, through a specific API...
CVE-2025-48739
A Server-Side Request Forgery SSRF vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11, 5.4.0 before 5.4.10, and 5.5.0 before 5.5.1 allows remote authenticated attackers with admin permissions allowing them to access specific API endpoints to manipulate URLs to direct...
CVE-2025-48740
A Cross-Site Request Forgery CSRF vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11, 5.4.0 before 5.4.10, and 5.5.0 before 5.5.1 allows a remote attacker to trigger requests on their victim's behalf, if the attacker lures a privileged user, authenticated with basic...
CVE-2024-22876
StrangeBee TheHive 5.1.0 to 5.1.9 and 5.2.0 to 5.2.8 is vulnerable to Cross Site Scripting XSS in the case attachment functionality which enables an attacker to upload a malicious HTML file with Javascript code that will be executed in the context of the The Hive application using a specific URL...
CVE-2024-22877
StrangeBee TheHive 5.2.0 to 5.2.8 is vulnerable to Cross Site Scripting XSS in the case reporting functionality. This feature allows an attacker to insert malicious JavaScript code inside the template or its variables, that will be executed in the context of the TheHive application when the HTML...
PT-2025-22823 · Strangebee · Thehive
Name of the Vulnerable Software and Affected Versions: StrangeBee TheHive versions 5.2.0 through 5.2.15 StrangeBee TheHive versions 5.3.0 through 5.3.10 StrangeBee TheHive versions 5.4.0 through 5.4.9 StrangeBee TheHive versions 5.5.0 Description: A Cross-Site Request Forgery CSRF issue allows a...