Lucene search
K

108 matches found

Chainguard
Chainguard
added 2026/01/28 7:17 p.m.9 views

CVE-2025-11065 vulnerabilities

Vulnerabilities for packages: kyverno-fips, rancher-security-scan, ratify-fips, boring-registry-fips, mattermost-fips, crossplane-fips, gitlab-cng-fips, k9s-fips, grafana-fips, zitadel, beats-fips, datadog-agent, grafana-mimir-fips, pluto-fips, neuvector-sigstore-interface-fips, elastic-agent-fip...

5.3CVSS6.1AI score0.00357EPSS
Exploits0
Wolfi
Wolfi
added 2025/11/02 2:17 p.m.7 views

GHSA-FRHW-MQJ2-WXW2 vulnerabilities

Vulnerabilities for packages: stern, glow, kube-vip-cloud-provider, timescaledb-tune, secrets-store-csi-driver-provider-gcp, xcover, portieris, smokescreen, docker-credential-ecr-login, kubernetes-csi-driver-nfs, prometheus-blackbox-exporter, smarter-device-manager, kaf, terraform-provider-time,...

5.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/10/23 5:56 a.m.3 views

Malicious code in haedal-vaults-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 4cdc575f935d62b37b17082181381a8002b5784fedda1dfc854ef2f74f39edf6 The OpenSSF Package Analysis project identified 'haedal-vaults-sdk' @ 1.6.0 npm as malicious. It is considered malicious because: - The package...

7.2AI score
Exploits0
OSV
OSV
added 2025/10/23 5:56 a.m.2 views

MAL-2025-48948 Malicious code in haedal-vaults-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 4cdc575f935d62b37b17082181381a8002b5784fedda1dfc854ef2f74f39edf6 The OpenSSF Package Analysis project identified 'haedal-vaults-sdk' @ 1.6.0 npm as malicious. It is considered malicious because: - The package...

7.2AI score
Exploits0
Veracode
Veracode
added 2025/10/08 2:48 p.m.6 views

Information Disclosure

sigs.k8s.io/secrets-store-sync-controller is vulnerable to Information Disclosure. The vulnerability is due to improper error handling and service account tokens being logged during parameter marshaling errors, and attackers with log access can use these tokens to retrieve secrets from cloud vaul...

6.5CVSS6.9AI score0.00179EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-33890

Malicious code in bioql PyPI...

2.7CVSS4.4AI score0.00442EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-16378

Malicious code in bioql PyPI...

7.5CVSS6.5AI score0.00484EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-4934

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.01724EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-33930

Malicious code in bioql PyPI...

4.9CVSS5.4AI score0.00979EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-6156

Malicious code in bioql PyPI...

7.1CVSS6.6AI score0.00409EPSS
Exploits0References3
Wolfi
Wolfi
added 2025/09/20 2:20 p.m.6 views

CVE-2025-47906 vulnerabilities

Vulnerabilities for packages: php-fpmexporter, gitsign, shfmt, cloud-provider-aws, git-lfs, kserve-rest-proxy, kube-vip, vexctl, grafana-operator, kube-vip-cloud-provider, lvm-driver, gostatsd, kuberay-operator, dagdotdev, local-path-provisioner, newrelic-fluent-bit-output, confluent-common-docke...

6.5CVSS6.5AI score0.00489EPSS
Exploits1
Wolfi
Wolfi
added 2025/09/20 2:20 p.m.7 views

GHSA-GWRF-JF3H-W649 vulnerabilities

Vulnerabilities for packages: php-fpmexporter, gitsign, shfmt, cloud-provider-aws, git-lfs, kserve-rest-proxy, kube-vip, vexctl, grafana-operator, kube-vip-cloud-provider, lvm-driver, gostatsd, kuberay-operator, dagdotdev, local-path-provisioner, newrelic-fluent-bit-output, confluent-common-docke...

5.9AI score
Exploits0
Metasploit
Metasploit
added 2025/09/16 6:53 p.m.1058 views

Obsidian Plugin Persistence

This module searches for Obsidian vaults for a user, and uploads a malicious community plugin to the vault. The vaults must be opened with community plugins enabled NOT restricted mode, but the plugin will be enabled automatically. Tested against Obsidian 1.7.7 on Kali, Ubuntu 22.04, and Windows...

5.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/18 4:5 a.m.3 views

Malicious code in noya-vaults (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c04ef9aa2ad40a3e1dacb5babc831a84e76560f5eddec262e912da4087187a49 The OpenSSF Package Analysis project identified 'noya-vaults' @ 1.0.1...

7.1AI score
Exploits0
OSV
OSV
added 2025/07/18 4:5 a.m.1 views

MAL-2025-6005 Malicious code in noya-vaults (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c04ef9aa2ad40a3e1dacb5babc831a84e76560f5eddec262e912da4087187a49 The OpenSSF Package Analysis project identified 'noya-vaults' @ 1.0.1...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/08 12:0 a.m.2 views

Rugsafe: a Multichain Protocol for Recovering from and Defending against Rug Pulls

Rugsafe introduces a comprehensive protocol aimed at mitigating the risks of rug pulls in the cryptocurrency ecosystem. By utilizing cryptographic security measures and economic incentives, the protocol provides a secure multichain system for recovering assets and transforming rugged tokens into...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/06/06 12:0 a.m.7 views

Devolutions Remote Desktop Manager < 2025.1.37.0 Data Exposure (DEVO-2025-0009)

The version of Devolutions Remote Desktop Manager installed on the remote host is prior to 2025.1.37.0 or prior and is, therefore, affected by a private information exposure vulnerability. This could allow an authenticated user to gain unauthorized access to private personal information. Under...

7.5CVSS5.6AI score0.00484EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/31 2:51 p.m.14 views

CVE-2025-5334

Exposure of private personal information to an unauthorized actor in the user vaults component of Devolutions Remote Desktop Manager allows an authenticated user to gain unauthorized access to private personal information. Under specific circumstances, entries may be unintentionally moved from us...

7.5CVSS7.1AI score0.00484EPSS
Exploits0References1
NVD
NVD
added 2025/05/29 3:15 p.m.11 views

CVE-2025-5334

Exposure of private personal information to an unauthorized actor in the user vaults component of Devolutions Remote Desktop Manager allows an authenticated user to gain unauthorized access to private personal information. Under specific circumstances, entries may be unintentionally moved from us...

7.5CVSS0.00484EPSS
Exploits0References1
OSV
OSV
added 2025/05/29 3:15 p.m.5 views

CVE-2025-5334

Exposure of private personal information to an unauthorized actor in the user vaults component of Devolutions Remote Desktop Manager allows an authenticated user to gain unauthorized access to private personal information. Under specific circumstances, entries may be unintentionally moved from us...

7.5CVSS5.7AI score0.00484EPSS
Exploits0References1
Rows per page
Query Builder