Lucene search
K

32 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2017-15727

Malware in sbrugna...

6.5CVSS6.5AI score0.01449EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-13403

Malware in sbrugna...

7.5CVSS7.5AI score0.01712EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-17053

Malware in sbrugna...

6.1CVSS6.3AI score0.00946EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-6480

Malware in sbrugna...

6.3CVSS6.2AI score0.0079EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-48395

Malicious code in bioql PyPI...

9.1CVSS9.4AI score0.00625EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-51098

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.00409EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-4259

Malicious code in bioql PyPI...

9.1CVSS4.8AI score0.02245EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2025/05/23 10:35 a.m.6 views

CVE-2024-8770

A Cross-Site Scripting XSS vulnerability was identified in the repository transfer feature of GitHub Enterprise Server, which allows attackers to steal sensitive user information via social engineering. This vulnerability affected all versions of GitHub Enterprise Server and was fixed in version...

6.1CVSS5.7AI score0.0035EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:3 a.m.6 views

CVE-2023-46935

eyoucms v1.6.4 is vulnerable Cross Site Scripting XSS, which can lead to stealing sensitive information of logged-in users...

5.4CVSS6.1AI score0.00409EPSS
Exploits1
F5 Networks
F5 Networks
added 2025/02/19 6:23 p.m.23 views

K000149858: Apache Tomcat vulnerability CVE-2024-52318

Security Advisory Description Incorrect object recycling and reuse vulnerability in Apache Tomcat. This issue affects Apache Tomcat: 11.0.0, 10.1.31, 9.0.96. Users are recommended to upgrade to version 11.0.1, 10.1.32 or 9.0.97, which fixes the issue. CVE-2024-52318 Impact This vulnerability may...

6.1CVSS7.8AI score0.01676EPSS
Exploits1Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/13 12:49 p.m.5 views

CVE-2025-1271 Reflected Cross-Site Scripting (XSS) vulnerability in H6Web

Reflected Cross-Site Scripting XSS in Anapi Group's h6web. This security flaw could allow an attacker to inject malicious JavaScript code into a URL. When a user accesses that URL, the injected code is executed in their browser, which can result in the theft of sensitive information, identity the...

6.1CVSS6AI score0.00262EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:3 p.m.14 views

CVE-2024-7475

An improper access control vulnerability in lunary-ai/lunary version 1.3.2 allows an attacker to update the SAML configuration without authorization. This vulnerability can lead to manipulation of authentication processes, fraudulent login requests, and theft of user information. Appropriate acce...

9.1CVSS7.1AI score0.00625EPSS
Exploits1References1
CVE
CVE
added 2025/01/22 12:0 a.m.53 views

CVE-2024-56924

CVE-2024-56924 affects Code Astro Internet Banking System 2.0.0. The vulnerability is a Cross Site Request Forgery (CSRF) that can allow remote attackers to have an authenticated admin execute arbitrary JavaScript on the admin page (pages_account), potentially changing account settings or exfiltr...

7.3CVSS7.9AI score0.00438EPSS
Exploits2References1Affected Software1
CNVD
CNVD
added 2024/11/01 12:0 a.m.7 views

lunary access control error vulnerability (CNVD-2025-09695)

lunary is lunary open source a production toolkit for LLM . An access control error vulnerability exists in lunary that stems from not properly restricting permissions to update the SAML configuration. An attacker could use this vulnerability to modify the authentication process and steal user...

9.1CVSS7.1AI score0.00625EPSS
Exploits1References1
NVD
NVD
added 2024/10/29 1:15 p.m.24 views

CVE-2024-7475

An improper access control vulnerability in lunary-ai/lunary version 1.3.2 allows an attacker to update the SAML configuration without authorization. This vulnerability can lead to manipulation of authentication processes, fraudulent login requests, and theft of user information. Appropriate acce...

9.1CVSS0.00625EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/10/29 12:45 p.m.21 views

CVE-2024-7475 Improper Access Control in lunary-ai/lunary

An improper access control vulnerability in lunary-ai/lunary version 1.3.2 allows an attacker to update the SAML configuration without authorization. This vulnerability can lead to manipulation of authentication processes, fraudulent login requests, and theft of user information. Appropriate acce...

9.1CVSS0.00625EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/10/29 12:45 p.m.18 views

CVE-2024-7475 Improper Access Control in lunary-ai/lunary

An improper access control vulnerability in lunary-ai/lunary version 1.3.2 allows an attacker to update the SAML configuration without authorization. This vulnerability can lead to manipulation of authentication processes, fraudulent login requests, and theft of user information. Appropriate acce...

9.1CVSS7.3AI score0.00625EPSS
Exploits1References2
CVE
CVE
added 2024/10/29 12:45 p.m.62 views

CVE-2024-7475

CVE-2024-7475 describes an improper access control in lunary-ai/lunary 1.3.2 that lets an attacker update the SAML configuration without authorization. This could enable manipulation of authentication processes, fraudulent login requests, and theft of user information. Multiple connected sources ...

9.1CVSS9.5AI score0.00625EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/09/23 8:9 p.m.16 views

CVE-2024-8770

A Cross-Site Scripting XSS vulnerability was identified in the repository transfer feature of GitHub Enterprise Server, which allows attackers to steal sensitive user information via social engineering. This vulnerability affected all versions of GitHub Enterprise Server and was fixed in version...

5.8CVSS5.6AI score0.0035EPSS
Exploits0References5
OSV
OSV
added 2024/07/01 3:58 p.m.28 views

CVE-2024-36421 GHSL-2023-234: Flowise Cors Misconfiguration in packages/server/src/index.ts

Flowise is a drag & drop user interface to build a customized large language model flow. In version 1.4.3 of Flowise, A CORS misconfiguration sets the Access-Control-Allow-Origin header to all, allowing arbitrary origins to connect to the website. In the default configuration unauthenticated,...

7.5CVSS6.7AI score0.08495EPSS
Exploits1References4
Rows per page
Query Builder