Lucene search
K

18 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-19311

Malware in sbrugna...

5.4CVSS5.5AI score0.00821EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2020-4983

Malware in sbrugna...

6.5CVSS6.5AI score0.00968EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-20100

Malware in sbrugna...

5.5CVSS5.5AI score0.00696EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-30268

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.00558EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-52444

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.0057EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-4079

Malicious code in bioql PyPI...

8CVSS8.7AI score0.02694EPSS
Exploits0References17
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-17330

Malicious code in bioql PyPI...

7.2CVSS6.6AI score0.00467EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-20711

Malicious code in bioql PyPI...

6.1CVSS6.6AI score0.00531EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-46917

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00405EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/08 4:1 p.m.14 views

CVE-2025-22490

A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: File Station 5...

7.5CVSS6.6AI score0.00361EPSS
Exploits0References1
CVE
CVE
added 2025/06/06 3:52 p.m.52 views

CVE-2025-29877

CVE-2025-29877 affects QNAP File Station 5. The issue is a NULL pointer dereference in File Station 5 (remote user with an account can trigger a DoS). A fix is available in File Station 5 version 5.5.6.4847 and later. Multiple sources (NVD, Red Hat, CNVD, CVE lists) describe the vulnerability as ...

7.5CVSS7AI score0.00361EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/06/04 7:59 p.m.58 views

CVE-2025-32015

FreshRSS before version 1.26.2 is affected by an XSS in the iframe srcdoc sanitization, allowing an attacker to load UserJS via a script src if they control a victim feed and have a user account. The attacker could access the victim’s account; if the victim is an admin, they could delete users or...

6.7CVSS6.6AI score0.00387EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 10:9 a.m.6 views

CVE-2024-23190

Upsell shop information of an account can be manipulated to execute script code in the context of the users browser session. To exploit this an attacker would require temporary access to a users account or an successful social engineering attack to lure users to maliciously configured accounts...

5.4CVSS6.9AI score0.00499EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/30 12:0 a.m.8 views

PT-2025-18314 · Opencti · Opencti

Name of the Vulnerable Software and Affected Versions: OpenCTI versions 6.4.8 through 6.4.9 Description: The issue allows a user to bypass allow/deny lists and modify attributes that are intended to be unmodifiable. This includes toggling the external flag on/off, changing the own token value for...

6.3CVSS6.3AI score0.00202EPSS
Exploits0References8
Cvelist
Cvelist
added 2025/03/16 12:0 a.m.19 views

CVE-2025-24856

An issue was discovered in the oidc aka OpenID Connect Authentication extension before 4.0.0 for TYPO3. The account linking logic allows a pre-hijacking attack, leading to Account Takeover. The attack can only be exploited if the following requirements are met: 1 an attacker can anticipate the...

4.2CVSS0.00168EPSS
Exploits0References2
OSV
OSV
added 2024/12/12 7:21 p.m.20 views

GHSA-2R87-74CX-2P7C XWiki allows remote code execution from account through macro descriptions and XWiki.XWikiSyntaxMacrosList

Impact Any user with an account can perform arbitrary remote code execution by adding instances of XWiki.WikiMacroClass to any page. This compromises the confidentiality, integrity and availability of the whole XWiki installation. To reproduce on a instance, as a connected user without script nor...

9.9CVSS9.8AI score0.01558EPSS
Exploits1References5
CNVD
CNVD
added 2021/04/21 12:0 a.m.3 views

Logic Flaw Vulnerability in Super Star Learning Express Application System Platform

Chaostar is the abbreviation of Beijing Chaostar Company full name: Beijing Century Chaostar Information Technology Development Co., Ltd. Founded in 1993, Chaostar is one of the early companies in China engaged in digitization of paper materials as well as production of electronic publications. A...

7AI score
Exploits0
exploitpack
exploitpack
added 2003/01/14 12:0 a.m.14 views

Geeklog 1.3.7 - Homepage User HTML Injection

Geeklog 1.3.7 - Homepage User HTML Injection source: https://www.securityfocus.com/bid/6604/info Geeklog is prone to HTML injection attacks. The user account 'Homepage' field is not sufficiently sanitized of HTML and script code. As a result, a malicious user may inject malicious HTML and script...

7.6AI score
Exploits0
Rows per page
Query Builder