Lucene search
K

22 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2003-0356

Malware in sbrugna...

7.5CVSS6.4AI score0.0201EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-15755

Malware in sbrugna...

9.8CVSS9.4AI score0.01323EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-22483

Malware in sbrugna...

6.5CVSS7.2AI score0.00515EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-4744

Malware in sbrugna...

4.3CVSS6AI score0.02308EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-17104

Malware in sbrugna...

9.8CVSS9.2AI score0.02133EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-1792

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.03804EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-25898

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.00985EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/07/17 9:45 p.m.8 views

CVE-2025-6391 JSON Web Token (JWT) Exposure in Log Files

Brocade ASCG before 3.3.0 logs JSON Web Tokens JWT in log files. An attacker with access to the log files can withdraw the unencrypted tokens with security implications, such as unauthorized access, session hijacking, and information disclosure...

7.1CVSS6.8AI score0.00236EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/08 4:58 p.m.10 views

CVE-2025-49739 Visual Studio Elevation of Privilege Vulnerability

...

8.8CVSS0.00771EPSS
Exploits0References1
OSV
OSV
added 2025/05/14 9:31 p.m.19 views

GHSA-Q7C3-X7HM-QQ72 Jenkins OpenID Connect Provider Plugin Incorrectly Validates Crafted Build ID Tokens

In Jenkins OpenID Connect Provider Plugin 96.vee8ed882ec4d and earlier the generation of build ID Tokens uses potentially overridden values of environment variables, in conjunction with certain other plugins allowing attackers able to configure jobs to craft a build ID Token that impersonates a...

9.1CVSS6.5AI score0.00609EPSS
Exploits0References5
NVD
NVD
added 2025/04/08 9:15 a.m.25 views

CVE-2024-41795

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager All versions. The web interface of affected devices is vulnerable to Cross-Site Request Forgery CSRF attacks. This could allow an unauthenticated attacker to change arbitrary device settings by tricking a legitimate device...

6.9CVSS0.00206EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/22 12:55 p.m.6 views

CVE-2024-6577

In the latest version of pytorch/serve, the script 'uploadresultstos3.sh' references the S3 bucket 'benchmarkai-metrics-prod' without ensuring its ownership or confirming its accessibility. This could lead to potential security vulnerabilities or unauthorized access to the bucket if it is not...

6.3CVSS6.9AI score0.00362EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2025/03/19 6:59 a.m.25 views

Critical mySCADA myPRO Flaws Could Let Attackers Take Over Industrial Control Systems

Cybersecurity researchers have disclosed details of two critical flaws impacting mySCADA myPRO, a Supervisory Control and Data Acquisition SCADA system used in operational technology OT environments, that could allow malicious actors to take control of susceptible systems. "These vulnerabilities,...

9.3CVSS8.7AI score0.01232EPSS
Exploits0
Cvelist
Cvelist
added 2025/01/23 5:36 p.m.22 views

CVE-2024-55930 Weak default folder permissions

Xerox Workplace Suite has weak default folder permissions that allow unauthorized users to access, modify, or delete files...

6.7CVSS0.00282EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/11/20 12:0 a.m.10 views

Cross-Site WebSocket Hijacking

HTML5 WebSockets allow developers to create bi-directionnal communication channels between clients usually web browsers and servers. To initialize the communication, the WebSocket protocol requires a handshake performed with the HTTP protocol to ugprade the communication. When a web application...

7.4AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/02 12:0 a.m.13 views

PT-2024-18213 · WordPress · Print Labels With Barcodes

Name of the Vulnerable Software and Affected Versions: The Print Labels with Barcodes plugin for WordPress versions up to, and including, 3.4.6 Description: The issue allows for unauthorized access, modification, and loss of data due to an improper capability check on 42 separate AJAX functions...

8.8CVSS6.2AI score0.00514EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2023/09/18 12:0 a.m.5 views

PT-2023-6853 · Moxa · Moxa Pt-G503 Series

Name of the Vulnerable Software and Affected Versions: Moxa PT-G503 Series firmware versions prior to v5.2 Description: The issue is related to the absence of the secure flag in session cookies, which could allow a remote attacker to gain unauthorized access to protected information. This may lea...

5.3CVSS5.3AI score0.00211EPSS
Exploits0References9
CNVD
CNVD
added 2021/04/17 12:0 a.m.6 views

TP-LINK TD-W8950N router suffers from weak password vulnerability

hereinafter referred to as "TP-LINK" is a leading global supplier of network communication equipment. A weak password vulnerability exists in the TP-LINK TD-W8950N router, which can be exploited by an attacker to log in to the system backend and perform unauthorized operations...

7.1AI score
Exploits0
Positive Technologies
Positive Technologies
added 2020/10/26 12:0 a.m.5 views

PT-2020-16526 · Ruckus · Ruckus Vriot

Name of the Vulnerable Software and Affected Versions: Ruckus vRioT versions 1.5.1.0.21 and earlier Description: The issue concerns an API backdoor that is hardcoded into the validate token.py file. This backdoor allows an unauthenticated attacker to interact with the service API by using a...

10CVSS9.3AI score0.42479EPSS
Exploits1References15
securityvulns
securityvulns
added 2001/09/11 12:0 a.m.33 views

RUS-CERT Advisory 2001-09:01

Vulnerabilities in PAM and NSS modules using a PostgreSQL database During investigating the problem described in RUS-CERT Advisory 2001-08:01, it became evident that a few PAM and NSS modules which use PostgreSQL as database backend are vulnerable to SQL code injections attacks, too. Systems...

0.5AI score
Exploits0
Rows per page
Query Builder