Lucene search

352 matches found

Patchstack
added 2026/06/16 2:8 p.m. | 5 views

NPM: hono: AWS Lambda adapter merges multiple `Set-Cookie` headers into one value, dropping cookies on ALB single-header and Lattice

NPM: hono: AWS Lambda adapter merges multiple Set-Cookie headers into one value, dropping cookies on ALB single-header and Lattice vulnerability discovered by ? in WordPress Npm hono versions 4.12.25...

CVSS 5.3 | AI score 5.8 | EPSS 0.00186
Exploits: 0 | References: 2 | Affected Software: 1
NVD
added 2025/12/09 4:17 p.m. | 4 views

CVE-2025-40819

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP4. Affected applications do not properly validate license restrictions against the database, allowing direct modification of the systemticketinfo table to bypass license limitations without proper enforcement...

CVSS 4.3 | EPSS 0.0021
Exploits: 0 | References: 1
EUVD
added 2025/10/07 12:30 a.m. | 8 views

EUVD-2019-5205

Malware in sbrugna...

CVSS 5.4 | AI score 5.6 | EPSS 0.00521
Exploits: 0 | References: 2
EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2018-0202

Malware in sbrugna...

CVSS 5.3 | AI score 5.5 | EPSS 0.0154
Exploits: 0 | References: 7
EUVD
added 2025/10/07 12:30 a.m. | 7 views

EUVD-2020-21403

Malware in sbrugna...

CVSS 4.8 | AI score 5.1 | EPSS 0.00645
Exploits: 0 | References: 2
EUVD
added 2025/10/03 8:7 p.m. | 6 views

EUVD-2024-44949

Malicious code in bioql PyPI...

CVSS 5.3 | AI score 5.9 | EPSS 0.00304
Exploits: 0 | References: 1
EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2024-54662

Malicious code in bioql PyPI...

CVSS 5.3 | AI score 6.4 | EPSS 0.00317
Exploits: 0 | References: 2
EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2024-25120

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 6.5 | EPSS 0.00908
Exploits: 0 | References: 1
Tenable Nessus
added 2025/08/25 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2017-6820

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rcubeutils.php in Roundcube before 1.1.8 and 1.2.x before 1.2.4 is susceptible to a cross-site scripting vulnerability via a crafted Cascading Style Sheets CSS...

CVSS 6.1 | AI score 6.5 | EPSS 0.01293
Exploits: 1 | References: 2
CBLMariner
added 2025/07/10 3:8 p.m. | 14 views

CVE-2024-8925 affecting package php for versions less than 8.3.12-1

CVE-2024-8925 affecting package php for versions less than 8.3.12-1. A patched version of the package is available...

CVSS 5.3 | AI score 6.9 | EPSS 0.00947
Exploits: 1
Cvelist
added 2025/06/20 3:4 p.m. | 22 views

CVE-2025-50015 WordPress Hand Talk plugin <= 6.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rodrigo Bastos Hand Talk handtalk allows Stored XSS. This issue affects Hand Talk: from n/a through <= 6.1...

CVSS 5.9 | EPSS 0.00218
Exploits: 0 | References: 1
AlpineLinux
added 2025/05/27 1:15 p.m. | 3 views

CVE-2025-5268

Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox...

CVSS 8.1 | AI score 7.7 | EPSS 0.00398
Exploits: 0 | References: 7
RedhatCVE
added 2025/05/22 10:54 p.m. | 9 views

CVE-2022-32258

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.1. The affected application contains an older feature that allows to import device configurations via a specific endpoint. An attacker could use this vulnerability for information disclosure...

CVSS 7.5 | AI score 6.3 | EPSS 0.00828
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/22 6:32 p.m. | 10 views

CVE-2021-31339

A vulnerability has been identified in Mendix Excel Importer Module All versions V9.0.3. Uploading a manipulated XML File results in an exception that could expose information about the Application-Server and the used XML-Framework...

CVSS 4.3 | AI score 6.5 | EPSS 0.00761
Exploits: 0 | References: 1
CBLMariner
added 2025/04/22 3:8 p.m. | 7 views

CVE-2024-35255 affecting package prometheus for versions less than 2.45.4-11

CVE-2024-35255 affecting package prometheus for versions less than 2.45.4-11. A patched version of the package is available...

CVSS 5.5 | AI score 7.3 | EPSS 0.00788
Exploits: 0
Vulnrichment
added 2025/04/08 8:22 a.m. | 8 views

CVE-2025-30000

A vulnerability has been identified in Siemens License Server SLS All versions V4.3. The affected application does not properly restrict permissions of the users. This could allow a lowly-privileged attacker to escalate their privileges...

CVSS 6.7 | AI score 7 | EPSS 0.00125
Exploits: 0 | References: 1
OSV
added 2025/03/21 10:15 p.m. | 7 views

AZL-77490 CVE-2025-30204 affecting package application-gateway-kubernetes-ingress for versions less than 1.4.0-27

golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the function parse.ParseUnverified splits via a call to strings.Split its argument which is untrusted data on periods. As a result, in the face of a malicious request whose...

CVSS 7.5 | AI score 6.7 | EPSS 0.00693
Exploits: 0 | References: 1
CBLMariner
added 2025/03/19 3:8 p.m. | 12 views

CVE-2023-29932 affecting package llvm for versions less than 12.0.1-8

CVE-2023-29932 affecting package llvm for versions less than 12.0.1-8. A patched version of the package is available...

CVSS 5.5 | AI score 6.9 | EPSS 0.00221
Exploits: 0
IBM Security Bulletins
added 2025/03/14 2:4 p.m. | 13 views

Security Bulletin: Arbitrary QPY Execution in Qiskit SDK QPY Deserialization < 13

Summary: A maliciously crafted QPY payload can potentially execute arbitrary code embedded in the payload without privilege escalation when deserialising QPY format versions < 13. A Python process calling Qiskit's qiskit.qpy.load function could potentially execute any arbitrary Python code embedded in...

CVSS 9.8 | AI score 7.4 | EPSS 0.00741
Exploits: 0 | Affected Software: 1
CBLMariner
added 2025/03/13 3:10 p.m. | 9 views

CVE-2025-27144 affecting package influxdb for versions less than 2.7.5-2

CVE-2025-27144 affecting package influxdb for versions less than 2.7.5-2. A patched version of the package is available...

CVSS 8.7 | AI score 7.8 | EPSS 0.00369
Exploits: 0