Lucene search
K

128 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-37281

Malicious code in bioql PyPI...

9.6CVSS6.8AI score0.11131EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2025/05/26 12:0 a.m.7 views

Fedora: Security Advisory (FEDORA-2025-3854530fd9)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.7CVSS4.8AI score0.00486EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 9:10 a.m.4 views

CVE-2024-4218

The AffiEasy plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.6. This is due to plugin improperly releasing the tagged and patched version of the plugin - the vulnerable version is used as the core files, while the patched version was...

6.5CVSS5.8AI score0.0022EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/04/17 12:0 a.m.8 views

Fedora 41 : trunk (2025-a265e06eb2)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-a265e06eb2 advisory. Update Trunk to v0.21.13 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested fo...

3.7CVSS5.2AI score0.00486EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/07/29 12:0 a.m.6 views

The vulnerability of dependency managers for Swift and Objective-C CocoaPods, related to the provision of data elements during an erroneous session, allows a perpetrator to intercept the owner’s session and take control of another person’s CocoaPods trunk account.

The vulnerability of the dependency manager for Swift and Objective-C CocoaPods relates to the provision of data elements during an erroneous session. Exploiting this vulnerability can allow a remote attacker to intercept the user’s session and take control of their CocoaPods trunk account...

8.2CVSS5.9AI score0.11131EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2024/07/01 9:5 p.m.40 views

CVE-2024-38368 Trunk's 'Claim your pod' could be used to obtain un-used pods

trunk.cocoapods.org is the authentication server for the CoacoaPods dependency manager. A vulnerability affected older pods which migrated from the pre-2014 pull request workflow to trunk. If the pods had never been claimed then it was still possible to do so. It was also possible to have all...

9.3CVSS0.14851EPSS
Exploits0References5
OSV
OSV
added 2024/07/01 8:42 p.m.4 views

CVE-2024-38366 CoacoaPods trunk RCE in email verification system rfc-822

trunk.cocoapods.org is the authentication server for the CoacoaPods dependency manager. The part of trunk which verifies whether a user has a real email address on signup used a rfc-822 library which executes a shell command to validate the email domain MX records validity. It works via an DNS MX...

10CVSS7.4AI score0.17786EPSS
Exploits1References5
The Hacker News
The Hacker News
added 2024/07/01 4:12 p.m.70 views

Critical Flaws in CocoaPods Expose iOS and macOS Apps to Supply Chain Attacks

A trio of security flaws has been uncovered in the CocoaPods dependency manager for Swift and Objective-C Cocoa projects that could be exploited to stage software supply chain attacks, putting downstream customers at severe risks. The vulnerabilities allow "any malicious actor to claim ownership...

10CVSS9.2AI score0.17786EPSS
Exploits2
CVE
CVE
added 2024/05/30 4:31 a.m.54 views

CVE-2024-4218

CVE-2024-4218 affects the AffiEasy WordPress plugin up to version 1.1.7, with a Cross-Site Request Forgery (CSRF) flaw that can be exploited by unauthenticated attackers via forged requests if a site administrator is tricked into performing an action. Connected sources confirm the issue and list ...

6.5CVSS5.8AI score0.0022EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/05/21 12:0 a.m.11 views

PT-2024-41920

Name of the Vulnerable Software and Affected Versions Arista EOS affected versions not specified Description On platforms where 802.1x authentication is configured on access or trunk ports and routing is enabled on the access VLAN of those ports, a malicious supplicant can bypass the 802.1x...

8.2CVSS5.8AI score0.00317EPSS
Exploits0References4
OSV
OSV
added 2024/03/06 11:2 a.m.42 views

BIT-PYTORCH-2022-45907

In PyTorch before trunk/89695, torch.jit.annotations.parsetypeline can cause arbitrary code execution because eval is used unsafely...

9.8CVSS9.6AI score0.01192EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/12/04 12:0 a.m.5 views

PT-2023-26847 · Dell · Dell Os10 Networking Switches

Name of the Vulnerable Software and Affected Versions: Dell OS10 Networking Switches versions 10.5.2.x and above Description: The issue is related to an Uncontrolled Resource Consumption Denial of Service vulnerability. When switches are configured with VLT and VRRP, a remote unauthenticated user...

7.5CVSS7.3AI score0.007EPSS
Exploits0References5
Citrix
Citrix
added 2023/08/23 12:0 a.m.8 views

Incomplete ARP table record in NetScaler

Trunk Mode enabled in NetScaler interface with multiple tagged VLANs binding. However, customer found there're one VLAN network ARP record show Incomplete in NetScaler ARP table. Like below screenshot:...

7.1AI score
Exploits0
OSV
OSV
added 2022/11/26 2:15 a.m.5 views

UBUNTU-CVE-2022-45907

In PyTorch before trunk/89695, torch.jit.annotations.parsetypeline can cause arbitrary code execution because eval is used unsafely...

9.8CVSS7.2AI score0.01192EPSS
Exploits1References4
Prion
Prion
added 2022/11/26 2:15 a.m.39 views

Code injection

In PyTorch before trunk/89695, torch.jit.annotations.parsetypeline can cause arbitrary code execution because eval is used unsafely...

7.5CVSS9.7AI score0.01192EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2022/11/26 12:0 a.m.6 views

PyTorch 代码注入漏洞

PyTorch is a Python package in the PyTorch open source. A code injection vulnerability exists in versions prior to PyTorch trunk/89695 that stems from an unsafe use of eval in its torch.jit.annotations.parsetypeline component leading to arbitrary code execution...

9.8CVSS7.5AI score0.01192EPSS
Exploits1References3
OSV
OSV
added 2022/05/14 1:1 a.m.27 views

GHSA-87QX-G5WG-MWMJ RubyGems Cross-site Scripting vulnerability

RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Cross Site Scripting XSS vulnerability in gem server display of homepage attribute that can...

6.1CVSS7.2AI score0.02845EPSS
Exploits0References21
OSV
OSV
added 2022/05/13 1:48 a.m.36 views

GHSA-74PV-V9GH-H25P RubyGems Infinite Loop vulnerability

RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a infinite loop caused by negative size vulnerability in ruby gem package tar header that can...

7.5CVSS8.6AI score0.04809EPSS
Exploits0References21
vulnersOsv
vulnersOsv
added 2021/04/07 12:0 p.m.5 views

cobalt-bin (>=0.7.4 <=0.17.5), hyper-static-server (>=0.1.1 <=0.5.1) +10 more potentially affected by unknown CVE via sass-rs (=0.2.2)

sass-rs CARGO version =0.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on sass-rs and may be impacted: - cobalt-bin =0.7.4, =0.1.1, =0.1.6, =0.1.0, =0.1.0, =0.1.2, =0.1.1-alpha1, =0.7.0, =0.1.0, =0.1.2, =0.1.8 Source cves: unknown CVE Source advisor...

5.8AI score
Exploits0
OSV
OSV
added 2021/01/15 6:15 p.m.4 views

CVE-2021-0203

On Juniper Networks EX and QFX5K Series platforms configured with Redundant Trunk Group RTG, Storm Control profile applied on the RTG interface might not take affect when it reaches the threshold condition. Storm Control enables the device to monitor traffic levels and to drop broadcast, multicas...

8.6CVSS7.3AI score0.01002EPSS
Exploits0References1
Rows per page
Query Builder