Lucene search
K

13 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-42399

Malicious code in bioql PyPI...

9.8CVSS7.5AI score0.01115EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2024-50342

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - symfony/http-client is a module for the Symphony PHP framework which provides powerful methods to fetch HTTP resources synchronously or asynchronously. When usi...

4.3CVSS5.8AI score0.00481EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/05 1:5 a.m.6 views

CVE-2024-28236

Vela is a Pipeline Automation CI/CD framework built on Linux container technology written in Golang. Vela pipelines can use variable substitution combined with insensitive fields like parameters, image and entrypoint to inject secrets into a plugin/image and — by using common substitution string...

7.7CVSS7.8AI score0.00716EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/12 10:48 a.m.12 views

Security Bulletin: Multiple Vulnerabilities in IBM Event Endpoint Management

Summary Multiple vulnerabilities were addressed in IBM Event Endpoint Management version 11.3.1 Vulnerability Details CVEID:CVE-2024-47561 DESCRIPTION: Apache Avro could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a flaw in schema parsing in the Java...

9.2CVSS8AI score0.03278EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2024/08/30 11:51 p.m.14 views

CVE-2024-45304 OwnableTwoStep allows a pending owner to accept ownership after the original owner has renounced ownership in cairo-contracts

Cairo-Contracts are OpenZeppelin Contracts written in Cairo for Starknet, a decentralized ZK Rollup. This vulnerability can lead to unauthorized ownership transfer, contrary to the original owner's intention of leaving the contract without an owner. It introduces a security risk where an unintend...

5.3CVSS7.3AI score0.00479EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/10/20 6:12 p.m.15 views

CVE-2023-45805 Trojan Lockfilein pdm

pdm is a Python package and dependency manager supporting the latest PEP standards. It's possible to craft a malicious pdm.lock file that could allow e.g. an insider or a malicious open source project to appear to depend on a trusted PyPI project, but actually install another project. A project f...

7.8CVSS7.4AI score0.00512EPSS
Exploits1References5
Cvelist
Cvelist
added 2023/05/26 10:57 p.m.34 views

CVE-2023-32321 CKAN remote code execution and private information access via crafted resource ids

CKAN is an open-source data management system for powering data hubs and data portals. Multiple vulnerabilities have been discovered in Ckan which may lead to remote code execution. An arbitrary file write in resourcecreate and packageupdate actions, using the ResourceUploader object. Also...

9.8CVSS10AI score0.01684EPSS
Exploits0References2
OSV
OSV
added 2023/04/18 11:36 p.m.27 views

CVE-2023-29521 Code injection from account/view through VFS Tree macro in xwiki-platform

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with view rights can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installation. The root cause is improper escaping of...

8.4CVSS8.5AI score0.01131EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2022/09/08 12:0 a.m.47 views

Oracle Linux 7 : istio (ELSA-2022-9772)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9772 advisory. - Upgrade Istio from 1.13.5 to 1.13.7 to resolve the CVE-2022-31045 - Istio CVE-2022-31045, CVE-2022-29225,...

10CVSS6.7AI score0.02701EPSS
Exploits1References2
CVE
CVE
added 2022/06/29 5:45 p.m.68 views

CVE-2022-31032

Tuleap prior to version 13.9.99.58 is affected. The vulnerability arises from improper authorization verification when creating projects or trackers from template projects, allowing information disclosure from those templates. Remediation: upgrade to Tuleap 13.9.99.58 or newer. The available sour...

4.3CVSS4.5AI score0.0089EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/09/21 12:0 a.m.19 views

Debian DLA-1511-1 : reportbug update

Reportbug, a tool designed to make the reporting of bugs in Debian easier, was further enhanced to automatically detect bug reports for potential regressions caused by a security update. After user confirmation an additional email with a copy of the report will be sent to the debian-lts mailing...

5.4AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2013/09/16 3:7 a.m.35 views

Moderate: Red Hat Security Advisory: Red Hat Storage Console 2.1 security update

Updated Red Hat Storage Console packages that fix one security issue, various bugs, and add enhancements are now available for Red Hat Storage Server 2.1. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base...

5CVSS7.3AI score0.03213EPSS
Exploits0References7
securityvulns
securityvulns
added 2007/09/08 12:0 a.m.24 views

[HISPASEC] 2K7SEPT6 Total Commander 7.01 Remote FTP Client Directory Traversal

HISPASEC Security Advisory http://blog.hispasec.com/lab/ Name : 2K7SEPT6 Total Commander 7.01 Remote FTP Client Directory Traversal Class : Remote Directory Traversal Threat level : HIGH Discovered : 2007-08-25 Published : 2007-09-06 Credit : Gynvael Coldwind Vulnerable : 7.01 and prior == Abstra...

0.1AI score
Exploits0
Rows per page
Query Builder