Lucene search
K

385 matches found

Vulnrichment
Vulnrichment
added 2026/01/20 3:43 p.m.4 views

CVE-2025-36411 Multiple vulnerabilities found in IBM ApplinX.

IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...

3.5CVSS5.4AI score0.00101EPSS
Exploits0References1
CVE
CVE
added 2026/01/20 3:43 p.m.20 views

CVE-2025-36411

IBM ApplinX 11.1 is affected by a CSRF vulnerability (CVE-2025-36411) that could allow an attacker to perform malicious actions on behalf of a trusted user. The issue is documented across multiple sources (including Red Hat and IBM bulletin) with the same vulnerability description. The IBM securi...

3.5CVSS5.4AI score0.00101EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/01/20 12:0 a.m.8 views

IBM ApplinX 跨站请求伪造漏洞

IBM ApplinX is an International Business Machines IBM company focused on converting green screen interfaces into modern web-based applications. IBM ApplinX suffers from a cross-site request forgery vulnerability that stems from the WEB application not adequately verifying that a request is from a...

3.5CVSS5.7AI score0.00101EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 9:4 a.m.5 views

CVE-2024-41744

IBM CICS TX Standard 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...

8.8CVSS6.8AI score0.00193EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/26 9:48 p.m.4 views

CVE-2025-61914 n8n's Possible Stored XSS in "Respond to Webhook" Node May Execute Outside iframe Sandbox

n8n is an open source workflow automation platform. Prior to version 1.114.0, a stored Cross-Site Scripting XSS vulnerability may occur in n8n when using the “Respond to Webhook” node. When this node responds with HTML content containing executable scripts, the payload may execute directly in the...

7.3CVSS5.5AI score0.00217EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/16 12:14 a.m.4 views

EUVD-2025-203482

FreePBX is an open-source web-based graphical user interface GUI that manages Asterisk. Prior to versions 16.0.45 and 17.0.24 of the FreePBX framework, an authenticated local privilege escalation exists in the deprecated FreePBX startup script amportal. In the deprecated amportal utility, the...

8.4CVSS6.3AI score0.0011EPSS
Exploits0References2
CNVD
CNVD
added 2025/12/12 12:0 a.m.2 views

WordPress Chartify plugin cross-site request forgery vulnerability

The WordPress Chartify plugin is a tool for quickly building charts and graphs in your WordPress site, designed to simplify the process of data visualization. WordPress Chartify plugin suffers from a cross-site request forgery vulnerability that stems from the WEB application not adequately...

8.8CVSS6.9AI score0.00139EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/02 9:26 p.m.10 views

CVE-2025-62728

SQL injection vulnerability in Hive Metastore Server HMS when processing delete column statistics requests via the Thrift APIs. The vulnerability is only exploitable by trusted/authorized users/applications that are allowed to call directly the Thrift APIs. In most real-world deployments, HMS is...

5.4CVSS8.2AI score0.00343EPSS
Exploits0References1
OSV
OSV
added 2025/11/26 9:31 a.m.3 views

GHSA-932V-X9X2-VQ29 Hive Metastore Server is vulnerable to SQL Injection

SQL injection vulnerability in Hive Metastore Server HMS when processing delete column statistics requests via the Thrift APIs. The vulnerability is only exploitable by trusted/authorized users/applications that are allowed to call directly the Thrift APIs. In most real-world deployments, HMS is...

8.6CVSS8.1AI score0.00343EPSS
Exploits0References6
Snyk
Snyk
added 2025/10/21 6:30 p.m.6 views

Data Amplification

Overview processwire/processwire is a CMS/CMF. Affected versions of this package are vulnerable to Data Amplification via the Language Support admin interface. A user with lang-edit permission can cause resource exhaustion by uploading a malicious ZIP file that is automatically extracted without...

6.9CVSS5.5AI score0.00395EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2001-1208

Malware in sbrugna...

7.5CVSS6.4AI score0.01419EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-2118

Malware in sbrugna...

6.5CVSS6.4AI score0.00416EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-1157

Malware in sbrugna...

6.5CVSS7.5AI score0.01288EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-3012

Malicious code in bioql PyPI...

8.7CVSS6.4AI score0.00326EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-16746

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00655EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2023-2766

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00756EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-1797

Malicious code in bioql PyPI...

9.9CVSS7.9AI score0.00853EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-0283

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00711EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.20 views

EUVD-2023-2470

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01877EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-27577

Malicious code in bioql PyPI...

5.4CVSS6.3AI score0.00189EPSS
Exploits0References2
Rows per page
Query Builder