Lucene search
+L

304 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.11 views

EUVD-2005-3665

Malware in sbrugna...

5CVSS6AI score0.02907EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2021-2131

Malware in sbrugna...

7.5CVSS7.5AI score0.04441EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2010-1344

Malware in sbrugna...

5CVSS6.4AI score0.08233EPSS
Exploits2References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-0771

Malware in sbrugna...

6.1CVSS6.2AI score0.00932EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-28219

Malicious code in bioql PyPI...

8.6CVSS6.4AI score0.00787EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.12 views

EUVD-2022-33946

Malicious code in bioql PyPI...

3.6CVSS4.5AI score0.00243EPSS
Exploits0References2
OSV
OSV
added 2025/09/15 4:56 p.m.4 views

CVE-2025-59155 hackmd-mcp server-side request forgery in HTTP transport mode

hackmd-mcp is a Model Context Protocol server for integrating HackMD's note-taking platform with AI assistants. From 1.4.0 to before 1.5.0, hackmd-mcp contains a server-side request forgery SSRF vulnerability when the server is run in HTTP transport mode. Arbitrary hackmdApiUrl values supplied vi...

6.9CVSS6.7AI score0.00332EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/08/27 12:0 a.m.4 views

Campcodes Online Loan Management System 安全漏洞

CampCodes Online Loan Management System is an online loan management system from CampCodes Philippines, Inc. A security vulnerability exists in Campcodes Online Loan Management System version 1.0, which is caused by a SQL injection due to incorrect manipulation of the parameter loanid in...

9.8CVSS7.7AI score0.00387EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/08/25 3:38 p.m.2 views

CVE-2025-55301 The Scratch Channel Allows Username Modification

The Scratch Channel is a news website. In version 1, it is possible to go to application in devtools and click local storage to edit the account's username locally. This issue has been patched in version 1.1...

6.7CVSS6.3AI score0.00159EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/08/25 12:0 a.m.5 views

PT-2025-34671 · Unknown · Scratch Channel

Name of the Vulnerable Software and Affected Versions: The Scratch Channel version 1 The Scratch Channel version 1.1 Description: The application allows modification of the account's username locally by accessing local storage through the developer tools. Recommendations: Update to version 1.1...

6.7CVSS6.4AI score0.00159EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/07/28 12:0 a.m.10 views

PT-2025-31033 · Code Projects · Code-Projects Online Ordering System

Name of the Vulnerable Software and Affected Versions: code-projects Online Ordering System version 1.0 Description: A critical vulnerability exists in code-projects Online Ordering System. The issue involves SQL injection, specifically through manipulation of the firstname argument in the...

9.8CVSS7.6AI score0.00421EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2025/07/10 12:0 a.m.5 views

PT-2025-28986 · Mediatek +1 · Mt8365 +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: This issue involves an invalid pointer dereference in the pinctrl: mediatek: eint subsystem for platforms using version 1 of the common driver. A commit introduced access to the soc...

5.8AI score0.00137EPSS
Exploits0References8
Debian
Debian
added 2025/06/21 4:11 p.m.6 views

[SECURITY] [DLA 4223-1] debian-security-support update

Debian LTS Advisory DLA-4223-1 [email protected] https://www.debian.org/lts/security/ Santiago Ruano Rincón June 21, 2025 https://wiki.debian.org/LTS Package : debian-security-support Version : 1:11+2025.06.21 Debian Bug : 1100929 1106203 debian-security-support, the Debian security...

5.8AI score
Exploits0
OSV
OSV
added 2025/06/06 5:36 p.m.9 views

CVE-2025-49011 SpiceDB checks involving relations with caveats can result in no permission when permission is expected

SpiceDB is an open source database for storing and querying fine-grained authorization data. Prior to version 1.44.2, on schemas involving arrows with caveats on the arrow’ed relation, when the path to resolve a CheckPermission request involves the evaluation of multiple caveated branches, reques...

3.7CVSS6.5AI score0.00266EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/06/06 12:54 p.m.17 views

CVE-2025-28996 WordPress GPP Slideshow plugin <= 1.3.5 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Thad Allender GPP Slideshow gpp-slideshow allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GPP Slideshow: from n/a through = 1.3.5...

4.3CVSS0.00241EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:41 a.m.9 views

CVE-2024-49373

No Fuss Computing Centurion ERP is open source enterprise resource planning ERP software. Prior to version 1.2.1, an authenticated user can view projects within organizations they are not apart of. Version 1.2.1 fixes the problem...

4.3CVSS6.7AI score0.00369EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 5:30 a.m.10 views

CVE-2023-41047

OctoPrint is a web interface for 3D printers. OctoPrint versions up until and including 1.9.2 contain a vulnerability that allows malicious admins to configure a specially crafted GCODE script that will allow code execution during rendering of that script. An attacker might use this to extract da...

6.5CVSS8AI score0.00568EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:12 a.m.10 views

CVE-2023-23898

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in CreativeThemes Blocksy Companion plugin = 1.8.67 versions...

5.5CVSS5.6AI score0.00341EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:25 p.m.10 views

CVE-2022-32374

itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/getsubjectrouting.php?id=...

7.2CVSS8.1AI score0.00909EPSS
Exploits1References1
OSV
OSV
added 2025/05/13 10:15 p.m.4 views

ALPINE-CVE-2025-47905

Varnish Cache before 7.6.3 and 7.7 before 7.7.1, and Varnish Enterprise before 6.0.13r14, allow client-side desync via HTTP/1 requests, because the product incorrectly permits CRLF to be skipped to delimit chunk boundaries...

5.4CVSS7AI score0.00328EPSS
Exploits0References1
Rows per page
Query Builder