
34 matches found

RedhatCVE
added 2026/01/07 9:48 a.m. | 5 views

CVE-2022-27083

Tenda M3 1.10 V1.0.0.124856 was discovered to contain a command injection vulnerability via the component /cgi-bin/uploadAccessCodePic...

CVSS 10 | AI score 8 | EPSS 0.02871
Exploits 1 | References 1

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2019-8887

Malware in sbrugna...

CVSS 8.8 | AI score 8.6 | EPSS 0.0102
Exploits 0 | References 3

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2004-0791

Malware in sbrugna...

CVSS 7.2 | AI score 6.3 | EPSS 0.00559
Exploits 1 | References 4

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2013-1906

Malware in sbrugna...

CVSS 5.1 | AI score 6 | EPSS 0.05464
Exploits 0 | References 15

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2018-17902

Malware in sbrugna...

CVSS 8.8 | AI score 9.1 | EPSS 0.01948
Exploits 0 | References 9

EUVD
added 2025/10/03 8:7 p.m. | 7 views

EUVD-2025-7044

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 7.7 | EPSS 0.00646
Exploits 1 | References 2

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2025-15532

Malicious code in bioql PyPI...

CVSS 5.3 | AI score 5.6 | EPSS 0.00162
Exploits 0 | References 4

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2022-47737

Malicious code in bioql PyPI...

CVSS 9.8 | AI score 9.4 | EPSS 0.01191
Exploits 1 | References 3

EUVD
added 2025/10/03 8:7 p.m. | 6 views

EUVD-2023-45379

Malicious code in bioql PyPI...

CVSS 9.8 | AI score 9.2 | EPSS 0.00954
Exploits 0 | References 1

EUVD
added 2025/10/03 8:7 p.m. | 8 views

EUVD-2025-19477

Malicious code in bioql PyPI...

CVSS 9.8 | AI score 6.5 | EPSS 0.00482
Exploits 1 | References 5

Cvelist
added 2025/06/24 3:18 p.m. | 10 views

CVE-2025-4383 Authentication Bypass in Art-In Systems' Wi-Fi Cloud Hotspot

Improper Restriction of Excessive Authentication Attempts vulnerability in Art-in Bilişim Teknolojileri ve Yazılım Hizm. Tic. Ltd. Şti. Wi-Fi Cloud Hotspot allows Authentication Abuse, Authentication Bypass. This issue affects Wi-Fi Cloud Hotspot: before 30.05.2025...

CVSS 9.3 | EPSS 0.00343
Exploits 0 | References 2

RedhatCVE
added 2025/05/23 12:3 a.m. | 8 views

CVE-2022-25047

The password reset token in CWP v0.9.8.1126 is generated using known or predictable values...

CVSS 5.9 | AI score 7.2 | EPSS 0.0154
Exploits 1 | References 1

RedhatCVE
added 2025/05/22 11:54 p.m. | 7 views

CVE-2022-2353

Prior to microweber/microweber v1.2.20, due to improper neutralization of input, an attacker can steal tokens to perform cross-site request forgery, fetch contents from same-site and redirect a user...

CVSS 6.3 | AI score 6.6 | EPSS 0.00451
Exploits 1 | References 1

UbuntuCve
added 2025/05/15 8:16 p.m. | 14 views

CVE-2025-47928

Spotipy is a Python library for the Spotify Web API. As of commit 4f5759dbfb4506c7b6280572a4db1aabc1ac778d, using pull_request_target on .github/workflows/integrationtests.yml followed by checking out the head.sha of a forked PR can be exploited by attackers, since untrusted code can be execute...

CVSS 9.1 | AI score 7.2 | EPSS 0.00404
Exploits 0 | References 4

NVD
added 2025/05/13 10:15 a.m. | 15 views

CVE-2025-40578

A vulnerability has been identified in SCALANCE LPE9403 6GK5998-3GS00-2AC2 All versions. Affected devices do not properly handle multiple incoming Profinet packets received in rapid succession. An unauthenticated remote attacker can exploit this flaw by sending multiple packets in a very short ti...

CVSS 5.3 | EPSS 0.00228
Exploits 0 | References 1

RedhatCVE
added 2025/05/07 6:25 p.m. | 7 views

CVE-2025-4282

A vulnerability has been found in SourceCodester/oretnom23 Stock Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /classes/Users.php?f=save. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The...

CVSS 8.8 | AI score 7 | EPSS 0.00274
Exploits 1 | References 1

CVE
added 2025/04/15 8:31 p.m. | 54 views

CVE-2025-30694

CVE-2025-30694 affects Oracle Database Server’s XML Database component. Affected versions are 19.3–19.26, 21.3–21.17, and 23.4–23.7. The vulnerability is exploitable by a low-privilege user with User Account privilege who has network access via HTTP, with exploitation requiring user interaction. ...

CVSS 5.4 | AI score 4.4 | EPSS 0.00323
Exploits 0 | References 1 | Affected Software 1

OSV
added 2025/04/09 3:14 p.m. | 12 views

CVE-2025-32372 Server-Side Request Forgery (SSRF) in DotNetNuke.Core

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. A bypass has been identified for the previously known vulnerability CVE-2017-0929, allowing unauthenticated attackers to execute arbitrary GET requests against target systems, including...

CVSS 6.5 | AI score 7.9 | EPSS 0.00335
Exploits 0 | References 4

Github Security Blog
added 2025/03/20 12:32 p.m. | 10 views

Gradio Path Traversal vulnerability

A vulnerability in the gradio-app/gradio repository, version git 67e4044, allows for path traversal on Windows OS. The implementation of the blockedpath functionality, which is intended to disallow users from reading certain files, is flawed. Specifically, while the application correctly blocks...

CVSS 5.3 | AI score 6.6 | EPSS 0.0064
Exploits 0 | References 4 | Affected Software 1

OSV
added 2025/03/20 10:15 a.m. | 3 views

CVE-2024-7035

In version v0.3.8 of open-webui/open-webui, sensitive actions such as deleting and resetting are performed using the GET method. This vulnerability allows an attacker to perform Cross-Site Request Forgery (CSRF) attacks, where an unaware user can unintentionally perform sensitive actions by simply...

CVSS 6.9 | AI score 7
Exploits 0 | References 1