Lucene search
+L

28 matches found

cve
cve
added 2026/07/07 12:0 a.m.15 views

CVE-2026-51937

OneBlog v2.3.9 is affected by a remote information-disclosure issue in RestApiController.java, JsApiTicketComponent.java, and GetAccessTokenComponent.java. The CVE-2026-51937 entry cites a high-severity (CVSS 3.1: 7.5) vulnerability with network access and low attack complexity, exposing sensitiv...

7.5CVSS6AI score0.0035EPSS
Exploits0References3
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-53641

Malicious code in bioql PyPI...

9.8CVSS6.3AI score0.00709EPSS
Exploits1References3
mscve
mscve
added 2025/09/04 6:0 a.m.6 views

An issue in kubevirt kubevirt v1.2.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component.

...

5.9CVSS7AI score0.00324EPSS
Exploits0
cve
cve
added 2025/07/18 12:0 a.m.31 views

CVE-2025-50708

CVE-2025-50708 affects Perplexity AI GPT-4 v2.51.0. The issue is in the token component of the shared chat URL, enabling a remote attacker to obtain sensitive information (confidentiality impact). CVSS: Network attack vector, low attack complexity, no privileges required, no user interaction, wit...

7.5CVSS6.1AI score0.00419EPSS
Exploits0References2
cvelist
cvelist
added 2025/07/18 12:0 a.m.13 views

CVE-2025-50708

An issue in Perplexity AI GPT-4 v.2.51.0 allows a remote attacker to obtain sensitive information via the token component in the shared chat URL...

0.00419EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/02/14 1:19 p.m.11 views

CVE-2024-57604

An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component...

9.8CVSS7AI score0.00709EPSS
Exploits1References1
osv
osv
added 2025/02/13 12:33 a.m.4 views

GHSA-MPG8-8X9C-P9GV MaysWind ezBookkeeping has Improper Privilege Management

An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component...

9.8CVSS7.1AI score0.00709EPSS
Exploits1References4
github
github
added 2025/02/13 12:33 a.m.19 views

MaysWind ezBookkeeping has Improper Privilege Management

An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component...

9.8CVSS7.1AI score0.00709EPSS
Exploits1References4Affected Software1
nvd
nvd
added 2025/02/12 10:15 p.m.29 views

CVE-2024-57604

An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component...

9.8CVSS0.00709EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2025/02/12 12:0 a.m.5 views

PT-2025-6753 · Mayswind · Mayswind Ezbookkeeping

Name of the Vulnerable Software and Affected Versions: MaysWind ezBookkeeping version 0.7.0 Description: An issue in MaysWind ezBookkeeping allows a remote attacker to escalate privileges via the token component. Recommendations: For MaysWind ezBookkeeping version 0.7.0, consider disabling the...

9.9CVSS7.5AI score0.93027EPSS
Exploits19References44
cvelist
cvelist
added 2025/02/12 12:0 a.m.24 views

CVE-2024-57604

An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component...

0.00709EPSS
Exploits1References2
cnnvd
cnnvd
added 2025/02/12 12:0 a.m.3 views

ezBookkeeping 安全漏洞

ezBookkeeping is a lightweight personal bookkeeping application by mayswind individual developers. A security vulnerability exists in ezBookkeeping version 0.7.0, which stems from a vulnerability contained in the token component that results in an elevation of privilege vulnerability...

9.8CVSS6.8AI score0.00709EPSS
Exploits1References2
cve
cve
added 2025/02/12 12:0 a.m.88 views

CVE-2024-57604

CVE-2024-57604 affects MaysWind ezBookkeeping 0.7.0. A remote attacker can escalate privileges via the token component. CVSS v3.1 shows: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H with base score 9.8 (CRITICAL). Connected sources also corroborate the same product and issue. The available documents do no...

9.8CVSS7.2AI score0.00709EPSS
Exploits1References2Affected Software1
vulnrichment
vulnrichment
added 2025/02/12 12:0 a.m.7 views

CVE-2024-57604

An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component...

7.2AI score0.00709EPSS
Exploits1References2
osv
osv
added 2025/02/12 12:0 a.m.3 views

CVE-2024-57604

An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component...

9.8CVSS7.4AI score0.00709EPSS
Exploits1References4
susecve
susecve
added 2024/05/07 2:39 a.m.3 views

SUSE CVE-2024-33394

An issue in kubevirt kubevirt v1.2.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component...

6CVSS7.8AI score0.00324EPSS
Exploits0References5
osv
osv
added 2024/05/02 9:30 p.m.13 views

GHSA-WCCG-V638-J9Q2 karmada vulnerable to arbitrary code execution via a crafted command

An issue in karmada-io karmada v1.9.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component...

8.4CVSS8.4AI score0.00184EPSS
Exploits0References3
github
github
added 2024/05/02 9:30 p.m.27 views

karmada vulnerable to arbitrary code execution via a crafted command

An issue in karmada-io karmada v1.9.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component...

8.4CVSS7.8AI score0.00184EPSS
Exploits0References3Affected Software1
nvd
nvd
added 2024/05/02 6:15 p.m.23 views

CVE-2024-33394

An issue in kubevirt kubevirt v1.2.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component...

5.9CVSS7.3AI score0.00324EPSS
Exploits0References1
osv
osv
added 2024/05/02 6:15 p.m.6 views

AZL-64787 CVE-2024-33394 affecting package kubevirt for versions less than 0.59.0-30

An issue in kubevirt kubevirt v1.2.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component...

5.9CVSS6.1AI score0.00324EPSS
Exploits0References1
Rows per page
Query Builder