Lucene search
K

12 matches found

Vulnrichment
Vulnrichment
added 2026/04/02 2:1 p.m.4 views

CVE-2026-26928 Lack of Dynamic Library Validation in SzafirHost

SzafirHost downloads necessary files in the context of the initiating web page. When called, SzafirHost updates its dynamic library. JAR files are correctly verified based on a list of trusted file hashes, and if a file was not on that list, it was checked to see if it had been digitally signed b...

8.7CVSS5.8AI score0.00213EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/06 7:23 p.m.24 views

CVE-2026-25642 HedgeDoc security headers for uploaded files were not working

HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to 1.10.6, files served below the /uploads/ endpoint did not use a more strict security-policy. This resulted in a too open Content-Security-Policy and furthermore opened the possibility to host malicious...

4.3CVSS0.00194EPSS
Exploits0References4
EUVD
EUVD
added 2026/01/10 12:30 a.m.5 views

EUVD-2025-206271

Details On October 1, 2025, Palantir discovered that images uploaded through the Dossier front-end app were not being marked correctly with the proper security levels. The regression was traced back to a change in May 2025, which was meant to allow file uploads to be shared among different...

3.5CVSS6.3AI score0.00196EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2012-4799

Malware in sbrugna...

10CVSS6.3AI score0.02607EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.17 views

EUVD-2021-22764

Malware in sbrugna...

8.8CVSS8.5AI score0.01021EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-16976

Malware in sbrugna...

6.5CVSS6.6AI score0.01392EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-18934

Malware in sbrugna...

7.5CVSS7.6AI score0.01473EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/04/02 9:38 p.m.6 views

CVE-2025-31484 conda-forge infrastructure uses a bad token for Azure's cf-staging access

conda-forge infrastructure holds common configurations and settings for key pieces of the conda-forge infrastructure. Between 2025-02-10 and 2025-04-01, conda-forge infrastructure used the wrong token for Azure's cf-staging access. This bug meant that any feedstock maintainer could upload a packa...

9.3CVSS7.2AI score0.00387EPSS
Exploits0References2
CVE
CVE
added 2025/04/02 9:38 p.m.56 views

CVE-2025-31484

CVE-2025-31484 affects the conda-forge infrastructure. Between 2025-02-10 and 2025-04-01, the infrastructure used the wrong Azure cf-staging access token, allowing any feedstock maintainer to upload a package to the conda-forge channel and bypass the standard feedstock-token + upload process. The...

9.3CVSS7.2AI score0.00387EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/04/02 12:0 a.m.5 views

PT-2025-14560 · Unknown · Conda-Forge

Name of the Vulnerable Software and Affected Versions: conda-forge infrastructure affected versions not specified Description: A bug in the conda-forge infrastructure allowed any feedstock maintainer to upload a package to the conda-forge channel, bypassing the feedstock-token + upload process,...

9.3CVSS6.2AI score0.00387EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2023/12/01 12:0 a.m.7 views

PT-2023-32227

Name of the Vulnerable Software and Affected Versions ArslanSoft Education Portal versions prior to v1.1 Description The issue allows Command Injection due to an Unrestricted Upload of File with Dangerous Type vulnerability. Recommendations For versions prior to v1.1, update to version v1.1 or...

9.8CVSS7.3AI score0.01681EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2005/09/14 12:0 a.m.26 views

Mail-it Now! Upload2Server Predictable Filename Upload Arbitrary Code Execution

The remote host is running Mail-it Now! Upload2Server, a free, PHP feedback form script supporting file uploads. The version of Upload2Server installed on the remote host stores uploaded files insecurely. An attacker may be able to exploit this flaw to upload a file with arbitrary code and then...

6.1AI score
Exploits0References1
Rows per page
Query Builder