Lucene search
K

411 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-18940

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.00132EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-41134

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00489EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in @zalastax/nolb-react-tm (npm)

The package @zalastax/nolb-react-tm was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.3 views

MAL-2025-13808 Malicious code in @zalastax/nolb-react-tm (npm)

The package @zalastax/nolb-react-tm was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.3 views

MAL-2025-11021 Malicious code in @zalastax/nolb-cra-tm (npm)

The package @zalastax/nolb-cra-tm was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in @zalastax/nolb-cra-tm (npm)

The package @zalastax/nolb-cra-tm was found to contain malicious code...

7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/06/24 12:0 a.m.11 views

PT-2025-26673 · Tarantool +1 · Tarantool +1

Name of the Vulnerable Software and Affected Versions: Tarantool versions up to 3.3.1 Description: A vulnerability has been found in the tm to datetime function in the library src/lib/core/datetime.c. The manipulation leads to a reachable assertion. Attacking locally is a requirement...

4.8CVSS7AI score0.00144EPSS
Exploits0References16
RedhatCVE
RedhatCVE
added 2025/06/23 8:40 a.m.5 views

CVE-2025-49972

Cross-Site Request Forgery CSRF vulnerability in David Wood TM Replace Howdy tm-replace-howdy allows Cross Site Request Forgery.This issue affects TM Replace Howdy: from n/a through = 1.4.2...

4.3CVSS5.9AI score0.00132EPSS
Exploits0References1
NVD
NVD
added 2025/06/20 3:15 p.m.10 views

CVE-2025-49972

Cross-Site Request Forgery CSRF vulnerability in David Wood TM Replace Howdy tm-replace-howdy allows Cross Site Request Forgery.This issue affects TM Replace Howdy: from n/a through = 1.4.2...

4.3CVSS0.00132EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/20 3:4 p.m.4 views

CVE-2025-49972 WordPress TM Replace Howdy plugin <= 1.4.2 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in David Wood TM Replace Howdy tm-replace-howdy allows Cross Site Request Forgery.This issue affects TM Replace Howdy: from n/a through = 1.4.2...

4.3CVSS5.9AI score0.00132EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/20 3:4 p.m.18 views

CVE-2025-49972 WordPress TM Replace Howdy plugin <= 1.4.2 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in David Wood TM Replace Howdy tm-replace-howdy allows Cross Site Request Forgery.This issue affects TM Replace Howdy: from n/a through = 1.4.2...

4.3CVSS0.00132EPSS
Exploits0References1
CVE
CVE
added 2025/06/20 3:4 p.m.19 views

CVE-2025-49972

CVE-2025-49972 concerns the WordPress plugin TM Replace Howdy (versions

4.3CVSS5.9AI score0.00132EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/20 12:0 a.m.4 views

WordPress plugin TM Replace Howdy 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

4.3CVSS6.4AI score0.00132EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/20 12:0 a.m.12 views

PT-2025-26340 · Unknown · Tm Replace Howdy

Name of the Vulnerable Software and Affected Versions: TM Replace Howdy versions 1.4.2 and earlier Description: A Cross-Site Request Forgery CSRF issue allows unauthorized actions to be performed on behalf of a user. This issue affects the TM Replace Howdy plugin, enabling Cross Site Request...

4.3CVSS6.2AI score0.00132EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 7:20 a.m.7 views

CVE-2024-44912

NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the TM subsystem cryptotm.c...

7.5CVSS7.3AI score0.00489EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:31 a.m.7 views

CVE-2023-5230

The TM WooCommerce Compare & Wishlist plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'tmwoowishlisttable' shortcode in versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.8AI score0.00333EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:4 p.m.7 views

CVE-2022-34213

Jenkins Squash TM Publisher Squash4Jenkins Plugin 1.0.0 and earlier stores passwords unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...

6.5CVSS6.6AI score0.00691EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:57 a.m.7 views

CVE-2018-16987

Squash TM through 1.18.0 presents the cleartext passwords of external services in the administration panel, as demonstrated by a ta-server-password field in the HTML source code...

7.2CVSS6.8AI score0.01297EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:50 a.m.6 views

CVE-2010-3121

Buffer overflow in tm-console-bin in the DevonIT thin-client management tool might allow remote attackers to execute arbitrary code via unspecified vectors...

7.5CVSS8.3AI score0.02442EPSS
Exploits0References1
OSV
OSV
added 2025/05/08 2:15 p.m.6 views

CVE-2025-47730

The TeleMessage archiving backend through 2025-05-05 accepts API calls to request an authentication token from the TM SGNL aka Archive Signal app with the credentials of logfile for the user and enRR8UVVywXYbFkqUQDPRkO for the password...

7.5CVSS5.8AI score0.00337EPSS
Exploits0References4
Rows per page
Query Builder