Lucene search
K

164 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-26871

Malicious code in bioql PyPI...

4.9CVSS6.6AI score0.00603EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-35604

Malicious code in bioql PyPI...

9CVSS8.8AI score0.0097EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-1369

Malicious code in bioql PyPI...

9.9CVSS8.4AI score0.01144EPSS
Exploits1References5
NVD
NVD
added 2025/08/11 8:15 a.m.39 views

CVE-2025-8660

Privilege escalation occurs when a user gets access to more resources or functionality than they are normally allowed...

9.8CVSS0.00285EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/31 4:38 p.m.14 views

CVE-2025-48474

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the application incorrectly checks user access rights for conversations. Users with showonlyassignedconversations enabled can assign themselves to an arbitrary conversation from the mailbox to which they have...

8.1CVSS7AI score0.00406EPSS
Exploits1References1
NVD
NVD
added 2025/05/29 4:15 p.m.14 views

CVE-2025-48474

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the application incorrectly checks user access rights for conversations. Users with showonlyassignedconversations enabled can assign themselves to an arbitrary conversation from the mailbox to which they have...

8.1CVSS0.00406EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/05/29 3:55 p.m.13 views

CVE-2025-48474 FreeScout Vulnerable to Insufficient Authorization

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the application incorrectly checks user access rights for conversations. Users with showonlyassignedconversations enabled can assign themselves to an arbitrary conversation from the mailbox to which they have...

5.3CVSS0.00406EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 10:5 a.m.8 views

CVE-2019-13646

Firefly III before 4.7.17.3 is vulnerable to reflected XSS due to lack of filtration of user-supplied data in a search query. NOTE: It is asserted that an attacker must have the same access rights as the user in order to be able to execute the vulnerability...

5.4CVSS6.1AI score0.00762EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 11:13 p.m.5 views

CVE-2022-32536

The user access rights validation in the web server of the Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 was insufficient. This would allow a non-administrator user to obtain administrator user access rights...

9CVSS6.7AI score0.0097EPSS
Exploits0References1
CNVD
CNVD
added 2024/07/19 12:0 a.m.13 views

SolarWinds Access Rights Manager Authorization Issues Vulnerability (CNVD-2024-34985)

SolarWinds Access Rights Manager ARM is a tool for managing and monitoring user access rights. It helps organizations streamline the rights management process and improve security and compliance. An authorization issue vulnerability exists in SolarWinds Access Rights Manager, which can be exploit...

9.6CVSS7.1AI score0.0117EPSS
Exploits0References1
NVD
NVD
added 2024/03/04 8:15 p.m.20 views

CVE-2024-27889

Multiple SQL Injection vulnerabilities exist in the reporting application of the Arista Edge Threat Management - Arista NG Firewall NGFW. A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with...

8.8CVSS9.4AI score0.08794EPSS
Exploits0References1
Symantec
Symantec
added 2020/01/14 12:0 a.m.54 views

SAP Leasing CVE-2020-6306 Remote Authorization Bypass Vulnerability

Description SAP Leasing is prone to an authorization-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Technologies Affected SAP Leasing 6.0 SAP Leasing 6.02 SAP Leasing 6.0...

0.6AI score0.00596EPSS
Exploits0References2Affected Software1
Symantec
Symantec
added 2020/01/14 12:0 a.m.97 views

Microsoft .NET Framework CVE-2020-0606 Remote Code Execution Vulnerability

Description Microsoft .NET Framework is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...

0.1AI score0.17263EPSS
Exploits0
Symantec
Symantec
added 2020/01/08 12:0 a.m.28 views

Cisco Crosswork Change Automation CVE-2019-16024 Cross Site Scripting Vulnerability

Description Cisco Crosswork Change Automation is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected...

0.2AI score0.00801EPSS
Exploits0References1Affected Software1
Symantec
Symantec
added 2019/11/25 12:0 a.m.34 views

Siemens Polarion Multiple Cross Site Scripting and HTML Injection Vulnerabilities

Description Siemens Polarion is prone to multiple cross-site scripting vulnerabilities and an HTML-injection vulnerability. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based...

0.5AI score
Exploits0References1Affected Software2
Symantec
Symantec
added 2019/11/12 12:0 a.m.28 views

Microsoft Edge Chakra Scripting Engine CVE-2019-1427 Remote Memory Corruption Vulnerability

Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...

1AI score0.09374EPSS
Exploits0
Symantec
Symantec
added 2019/11/12 12:0 a.m.35 views

SAP Enable Now CVE-2019-0385 Unspecified Cross Site Scripting Vulnerability

Description SAP Enable Now is prone to an unspecified cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site...

0.8AI score0.00526EPSS
Exploits0References1Affected Software1
Symantec
Symantec
added 2019/10/16 12:0 a.m.27 views

Cisco Small Business Smart and Managed Switches CVE-2019-12718 Cross Site Scripting Vulnerability

Description Cisco Small Business Smart and Managed Switches are prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of th...

6.5AI score0.00801EPSS
Exploits0References1Affected Software2
Symantec
Symantec
added 2019/10/15 12:0 a.m.24 views

TYPO3 freeCap CAPTCHA Extension CVE-2019-16699 Remote Code Execution Vulnerability

Description TYPO3 freeCap CAPTCHA extension is prone to a remote code-execution vulnerability. A remote attacker can leverage this issue to execute arbitrary code within the context of the application. Successful exploits will compromise the application and possibly the underlying system. Version...

7.5CVSS0.1AI score0.02427EPSS
Exploits0References1Affected Software1
Symantec
Symantec
added 2019/10/08 12:0 a.m.28 views

TIBCO MDM CVE-2019-11212 Multiple Unspecified Cross-Site Scripting Vulnerabilities

Description TIBCO MDM is prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site...

0.00684EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder