Lucene search
+L

239 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2020-3945

Malware in sbrugna...

7.5CVSS7.5AI score0.01209EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2025/10/06 12:0 a.m.141 views

📄 GaatiTrack 1.0 SQL Injection

GaatiTrack version 1.0 suffers from multiple remote SQL injection vulnerabilities. Metasploit module included. Titles: GaatiTrack-1.0 Copyright©2025-Multiple-SQLi - Metasploit module Author: nu11secur1ty Date: 10/06/2025 Vendor: https://www.mayurik.com/ Software:...

8.5AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2022-41298

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.00729EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-54205

Malicious code in bioql PyPI...

9.8CVSS6.3AI score0.00964EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-55647

Malicious code in bioql PyPI...

7.8CVSS7.4AI score0.04632EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-33015

Malicious code in bioql PyPI...

4.7CVSS5.2AI score0.00214EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.26 views

EUVD-2022-0662

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.05087EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2025/09/09 12:0 a.m.239 views

📄 Rupee Invoice 1.0 SQL Injection

Rupee Invoice version 1.0 suffers from a remote SQL injection vulnerability. Titles: RUPEE-INVOICE-1.0-Multiple-SQLi Author: nu11secur1ty Date: 09/09/2025 Vendor: https://www.mayurik.com/ Software:...

8.1AI score
Exploits0
Vulnrichment
Vulnrichment
added 2025/06/11 2:59 a.m.13 views

CVE-2024-1244 Remote code execution and local privilege escalation due to UNC access and NetNTLMv2 hash theft

Improper input validation in the OSSEC HIDS agent for Windows prior to version 3.8.0 allows an attacker in with control over the OSSEC server or in possession of the agent's key to configure the agent to connect to a malicious UNC path. This results in the leakage of the machine account NetNTLMv2...

9.5CVSS8.3AI score0.00297EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/06/11 2:59 a.m.6 views

CVE-2024-1244

Improper input validation in the OSSEC HIDS agent for Windows prior to version 3.8.0 allows an attacker in with control over the OSSEC server or in possession of the agent's key to configure the agent to connect to a malicious UNC path. This results in the leakage of the machine account NetNTLMv2...

9.5CVSS8.4AI score0.00297EPSS
Exploits0References2
CVE
CVE
added 2025/06/11 1:15 a.m.65 views

CVE-2024-1243

The CVE-2024-1243 entry concerns Wazuh agent for Windows prior to 4.8.0. It states improper input validation can be exploited by an attacker who controls the Wazuh server or agent key to configure the agent to connect to a malicious UNC path, leading to leakage of the machine account NetNTLMv2 ha...

9.5CVSS8.2AI score0.00545EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2025/06/11 12:0 a.m.6 views

PT-2025-25178 · Ossec · Ossec Hids Agent For Windows

Name of the Vulnerable Software and Affected Versions: OSSEC HIDS agent for Windows versions prior to 3.8.0 Description: The issue is related to improper input validation, allowing an attacker with control over the OSSEC server or in possession of the agent's key to configure the agent to connect...

9.5CVSS7.5AI score0.00297EPSS
Exploits0References7
OSV
OSV
added 2025/06/04 2:9 p.m.1 views

SUSE-SU-2025:01813-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 128.10.2 MFSA 2025-40, bsc1243303: Security fixes: - CVE-2025-4918: Out-of-bounds access when resolving Promise objects bmo1966612 - CVE-2025-4919: Out-of-bounds access when optimizing linear sums...

9.8CVSS7.1AI score0.08947EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/22 10:32 p.m.8 views

CVE-2022-25166

An issue was discovered in Amazon AWS VPN Client 2.0.0. It is possible to include a UNC path in the OpenVPN configuration file when referencing file paths for parameters such as auth-user-pass. When this file is imported and the client attempts to validate the file path, it performs an open...

5CVSS6.6AI score0.0145EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:24 p.m.8 views

CVE-2020-11595

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request and obtain the upload folder path that includes the hostname in a UNC path...

7.5CVSS7.7AI score0.01209EPSS
Exploits1References1
OSV
OSV
added 2025/03/07 9:15 p.m.4 views

CVE-2024-42733

An issue in Docmosis Tornado v.2.9.7 and before allows a remote attacker to execute arbitrary code via a crafted script to the UNC path input...

9.8CVSS6.1AI score0.00964EPSS
Exploits2References2
NVD
NVD
added 2025/03/07 9:15 p.m.8 views

CVE-2024-42733

An issue in Docmosis Tornado v.2.9.7 and before allows a remote attacker to execute arbitrary code via a crafted script to the UNC path input...

9.8CVSS0.00964EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/03/07 12:0 a.m.5 views

CVE-2024-42733

An issue in Docmosis Tornado v.2.9.7 and before allows a remote attacker to execute arbitrary code via a crafted script to the UNC path input...

8AI score0.00964EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/03/07 12:0 a.m.13 views

CVE-2024-42733

An issue in Docmosis Tornado v.2.9.7 and before allows a remote attacker to execute arbitrary code via a crafted script to the UNC path input...

0.00964EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.8 views

PT-2025-49180

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions 2.4.30 through 2.4.65 Description An integer overflow occurs during failed ACME certificate renewal. After approximately 30 days of failures with default configurations, the backoff timer reaches zero. Subsequent...

7.8CVSS6.9AI score0.00417EPSS
Exploits0References222
Rows per page
Query Builder