Lucene search
K

205 matches found

OSV
OSV
added 2025/12/12 11:13 a.m.3 views

BIT-ARGO-WORKFLOWS-2025-66626 argoproj/argo-workflows is vulnerable to RCE via ZipSlip and symbolic links

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Versions 3.6.13 and below and versions 3.7.0 through 3.7.4, contain unsafe untar code that handles symbolic links in archives. Concretely, the computation of a link's target and the...

8.1CVSS6.9AI score0.00567EPSS
Exploits1References5
Patchstack
Patchstack
added 2025/11/25 6:56 a.m.8 views

WordPress WavePlayer plugin <= 3.7.0 - Unauthenticated Arbitrary File Upload vulnerability

Unauthenticated Arbitrary File Upload vulnerability discovered by @zdenys in WordPress Plugin WavePlayer versions = 3.7.0...

9.8CVSS7AI score0.0041EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2025/11/21 12:0 a.m.7 views

Wazuh 代码问题漏洞

Wazuh is a Wazuh open source application. It is used to collect, aggregate, index and analyze security data to help organizations detect intrusions, threats and behavioral anomalies. A code issue vulnerability exists in Wazuh versions 3.7.0 through prior to 4.12.0 that stems from the fimalert...

5.1CVSS6.7AI score0.00314EPSS
Exploits1References2
NVD
NVD
added 2025/10/17 4:15 p.m.4 views

CVE-2025-26625

Git LFS is a Git extension for versioning large files. In Git LFS versions 0.5.2 through 3.7.0, when populating a Git repository's working tree with the contents of Git LFS objects, certain Git LFS commands may write to files visible outside the current Git working tree if symbolic or hard links...

8.6CVSS0.00707EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-1773

Malware in sbrugna...

5.3CVSS7.2AI score0.03307EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-0528

Malware in sbrugna...

7.2CVSS5.6AI score0.0106EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-3195

Malware in sbrugna...

6.5CVSS6.5AI score0.00294EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-2766

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00756EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-29719

Malicious code in bioql PyPI...

6.5CVSS5.8AI score0.00589EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-2087

Malicious code in bioql PyPI...

8.8CVSS6.9AI score0.01324EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-25365

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.0025EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-28676

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.01116EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-25368

Malicious code in bioql PyPI...

8.5CVSS6.6AI score0.00347EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-58279

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00865EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-55459

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in keras 3.7.0 allows attackers to write arbitrary files to the user's machine via downloading a crafted tar file through the getfile function...

6.5CVSS5.9AI score0.00221EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/08/22 8:30 a.m.5 views

CVE-2025-53194

Deserialization of Untrusted Data vulnerability in Crocoblock JetEngine jet-engine allows Code Injection.This issue affects JetEngine: from n/a through = 3.7.0...

8.5CVSS5.9AI score0.00347EPSS
Exploits0References1
NVD
NVD
added 2025/08/20 8:15 a.m.2 views

CVE-2025-53196

Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetEngine jet-engine allows Retrieve Embedded Sensitive Data.This issue affects JetEngine: from n/a through = 3.7.0...

6.5CVSS0.00459EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/20 8:3 a.m.2 views

CVE-2025-53196 WordPress JetEngine <= 3.7.0 - Sensitive Data Exposure Vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetEngine jet-engine allows Retrieve Embedded Sensitive Data.This issue affects JetEngine: from n/a through = 3.7.0...

6.5CVSS5.9AI score0.00459EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/20 12:0 a.m.3 views

PT-2025-33967 · Crocoblock · Jetengine

Name of the Vulnerable Software and Affected Versions: Crocoblock JetEngine versions through 3.7.0 Description: A flaw exists in Crocoblock JetEngine that allows the retrieval of embedded sensitive data due to the insertion of sensitive information into sent data. Recommendations: Update Crocoblo...

6.5CVSS5.8AI score0.00459EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/08/20 12:0 a.m.2 views

WordPress plugin JetEngine 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

6.5CVSS6.5AI score0.00459EPSS
Exploits0References2
Rows per page
Query Builder