10 matches found

EUVD
added 2025/10/07 12:30 a.m. | 1 view

EUVD-2020-0323

Malware in sbrugna...

CVSS 6.8 | AI score 6.5 | EPSS 0.00323
Exploits: 0 | References: 5

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2022-5338

Malicious code in bioql PyPI...

CVSS 6.1 | AI score 6.2 | EPSS 0.0024
Exploits: 0 | References: 3

SUSE Linux
added 2024/11/18 3:24 p.m. | 11 views

Security update for httpcomponents-client, httpcomponents-core

This update for httpcomponents-client, httpcomponents-core fixes the following issues: httpcomponents-client: - Update to version 4.5.14 HTTPCLIENT-2206: Corrected resource de-allocation by fluent response objects. HTTPCLIENT-2174: URIBuilder to return a new empty list instead of unmodifiable...

CVSS 5.4 | AI score 7.3 | EPSS 0.00505
Exploits: 1 | References: 4

OSV
added 2020/03/30 8:9 p.m. | 0 views

GHSA-2MXR-89GF-RC4V Read permissions not enforced for client provided filter expressions in Elide.

Impact It is possible for an adversary to "guess and check" the value of a model field they do not have access to assuming they can read at least one other field in the model. The adversary can construct filter expressions for an inaccessible field to filter a collection. The presence or absence ...

CVSS 6.8 | AI score 5.9 | EPSS 0.00323
Exploits: 0 | References: 4

Tenable Nessus
added 2010/02/24 12:0 a.m. | 16 views

Debian DSA-1945-1 : gforge - symlink attack

Sylvain Beucler discovered that gforge, a collaborative development tool, is prone to a symlink attack, which allows local users to perform a denial of service attack by overwriting arbitrary files. The oldstable distribution etch, this problem has been fixed in version 4.5.14-22etch13...

CVSS 3.3 | AI score 5.5 | EPSS 0.0003
Exploits: 0 | References: 2

Prion
added 2009/11/24 5:30 p.m. | 13 views

Sql injection

SQL injection vulnerability in GForge 4.5.14, 4.7.3, and possibly other versions allows remote attackers to execute arbitrary SQL commands via unknown vectors...

CVSS 7.5 | AI score 9 | EPSS 0.00413
Exploits: 0 | References: 3 | Affected Software: 1

Tenable Nessus
added 2009/06/18 12:0 a.m. | 33 views

Debian DSA-1818-1 : gforge - insufficient input sanitising

Laurent Almeras and Guillaume Smet have discovered a possible SQL injection vulnerability and cross-site scripting vulnerabilities in gforge, a collaborative development tool. Due to insufficient input sanitising, it was possible to inject arbitrary SQL statements and use several parameters to...

CVSS 7.5 | AI score 5.6 | EPSS 0.00413
Exploits: 0 | References: 3

OpenVAS
added 2009/01/13 12:0 a.m. | 19 views

Debian Security Advisory DSA 1698-1 (gforge)

The remote host is missing an update to gforge announced via advisory DSA 1698-1. OpenVAS Vulnerability Test $Id: deb16981.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1698-1 gforge Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

CVSS 7.5 | AI score 6.6 | EPSS 0.0108
Exploits: 1

OSV
added 2009/01/09 12:0 a.m. | 13 views

DSA-1698-1 gforge - SQL injection

Bulletin has no description...

CVSS 7.5 | AI score 6.3 | EPSS 0.0108
Exploits: 5

OSV
added 2007/10/04 12:0 a.m. | 22 views

DSA-1383-1 gforge - cross-site scripting

Bulletin has no description...

CVSS 4.3 | AI score 6.2 | EPSS 0.00507
Exploits: 0