Lucene search
+L

56 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-8681

Malware in sbrugna...

9CVSS7AI score0.02013EPSS
Exploits1References2
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2021-29342

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01508EPSS
Exploits0References3
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-29341

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.007EPSS
Exploits0References3
cnnvd
cnnvd
added 2025/07/29 12:0 a.m.5 views

XORUX LPAR2RRD 安全漏洞

XORUX LPAR2RRD is a server performance monitoring platform from the Czech company XORUX. A security vulnerability exists in XORUX LPAR2RRD that stems from a combination of directory traversal and file upload functionality that could lead to remote code execution...

8.8CVSS7.6AI score0.03038EPSS
Exploits4References3
cnnvd
cnnvd
added 2025/07/29 12:0 a.m.5 views

XORUX LPAR2RRD 安全漏洞

XORUX LPAR2RRD is a server performance monitoring platform from the Czech company XORUX. A security vulnerability exists in XORUX LPAR2RRD that stems from improper privilege management and could lead to process termination...

6.5CVSS6.5AI score0.05296EPSS
Exploits2References2
cnnvd
cnnvd
added 2025/07/29 12:0 a.m.5 views

XORUX LPAR2RRD 安全漏洞

XORUX LPAR2RRD is a server performance monitoring platform from the Czech company XORUX. A security vulnerability exists in XORUX LPAR2RRD that stems from improper access control of API endpoints, which could lead to the disclosure of sensitive information...

5.3CVSS6.2AI score0.03976EPSS
Exploits2References2
packetstorm
packetstorm
added 2025/07/29 12:0 a.m.146 views

📄 Xorux XorMon-NG 1.8 Information Disclosure

Xorux XorMon-NG versions 1.8 and below has an API endpoint that should be limited to web application administrators. It is hidden from, but accessible by, lower-level read only web application users. The endpoint can be used to export the appliance configuration, exposing sensitive information...

5.3CVSS6.2AI score0.06894EPSS
Exploits2
packetstorm
packetstorm
added 2025/07/29 12:0 a.m.114 views

📄 Xorux LPAR2RRD 8.04 File Upload / Directory Traversal

Xorux LPAR2RRD versions 8.04 and below allow an authenticated, read-only user to upload a file and perform a directory traversal to have the uploaded file placed in a location of their choosing. This can be used to overwrite existing PERL modules within the application to achieve remote code...

8.8CVSS9.7AI score0.03038EPSS
Exploits4
packetstorm
packetstorm
added 2025/07/29 12:0 a.m.128 views

📄 Xorux LPAR2RRD 8.04 Denial of Service

Xorux LPAR2RRD versions 8.04 and below have an issue where an authenticated, read-only user can kill any processes running on the Xormon Original virtual appliance as the lpar2rrd user. KL-001-2025-014: Xorux LPAR2RRD Read Only User Denial of Service Title: Xorux LPAR2RRD Read Only User Denial of...

6.5CVSS6.5AI score0.05296EPSS
Exploits2
packetstorm
packetstorm
added 2025/07/29 12:0 a.m.102 views

📄 Xorux LPAR2RRD 8.04 Information Disclosure

Xorux LPAR2RRD versions 8.04 and below have an API endpoint that should be limited to web application administrators. It is hidden from, but accessible by, lower-level read only web application users. The endpoint can be used to download logs from the appliance configuration, exposing sensitive...

5.3CVSS6.2AI score0.03976EPSS
Exploits2
cvelist
cvelist
added 2025/07/28 11:34 p.m.16 views

CVE-2025-54769 KL-001-2025-016: Xorux LPAR2RRD File Upload Directory Traversal

An authenticated, read-only user can upload a file and perform a directory traversal to have the uploaded file placed in a location of their choosing. This can be used to overwrite existing PERL modules within the application to achieve remote code execution RCE by an attacker...

0.03038EPSS
Exploits4References2
vulnrichment
vulnrichment
added 2025/07/28 11:34 p.m.3 views

CVE-2025-54769 KL-001-2025-016: Xorux LPAR2RRD File Upload Directory Traversal

An authenticated, read-only user can upload a file and perform a directory traversal to have the uploaded file placed in a location of their choosing. This can be used to overwrite existing PERL modules within the application to achieve remote code execution RCE by an attacker...

7.5AI score0.03038EPSS
Exploits4References2
vulnrichment
vulnrichment
added 2025/07/28 11:31 p.m.8 views

CVE-2025-54768 KL-001-2025-015: Xorux LPAR2RRD Read Only User Log Download Exposing Sensitive Information

An API endpoint that should be limited to web application administrators is hidden from, but accessible by, lower-level read only web application users. The endpoint can be used to download logs from the appliance configuration, exposing sensitive information...

6.4AI score0.03976EPSS
Exploits2References2
cvelist
cvelist
added 2025/07/28 11:31 p.m.38 views

CVE-2025-54768 KL-001-2025-015: Xorux LPAR2RRD Read Only User Log Download Exposing Sensitive Information

An API endpoint that should be limited to web application administrators is hidden from, but accessible by, lower-level read only web application users. The endpoint can be used to download logs from the appliance configuration, exposing sensitive information...

0.03976EPSS
Exploits2References2
vulnrichment
vulnrichment
added 2025/07/28 11:28 p.m.3 views

CVE-2025-54767 KL-001-2025-014: Xorux LPAR2RRD Read Only User Denial of Service

An authenticated, read-only user can kill any processes running on the Xormon Original virtual appliance as the lpar2rrd user...

6.6AI score0.05296EPSS
Exploits2References2
cvelist
cvelist
added 2025/07/28 11:28 p.m.11 views

CVE-2025-54767 KL-001-2025-014: Xorux LPAR2RRD Read Only User Denial of Service

An authenticated, read-only user can kill any processes running on the Xormon Original virtual appliance as the lpar2rrd user...

0.05296EPSS
Exploits2References2
vulnrichment
vulnrichment
added 2025/07/28 11:25 p.m.6 views

CVE-2025-54765 KL-001-2025-013: Xorux XorMon-NG Web Application Privilege Escalation to Administrator

An API endpoint that should be limited to web application administrators is hidden from, but accessible by, lower-level read only web application users. The endpoint can be used to import the appliance configuration, allowing an attacker to control the configuration of the appliance, to include...

6.4AI score0.06894EPSS
Exploits2References2
cvelist
cvelist
added 2025/07/28 11:16 p.m.40 views

CVE-2025-54766 KL-001-2025-012: Xorux XorMon-NG Read Only User Export Device Configuration Exposing Sensitive Information

An API endpoint that should be limited to web application administrators is hidden from, but accessible by, lower-level read only web application users. The endpoint can be used to export the appliance configuration, exposing sensitive information...

0.06894EPSS
Exploits2References2
korelogic
korelogic
added 2025/07/28 12:0 a.m.9 views

Xorux LPAR2RRD Read Only User Log Download Exposing Sensitive Information

Vulnerability Details Affected Vendor: Xorux Affected Product: LPAR2RRD Affected Version: 8.04 and prior Platform: Rocky Linux 8.10 CWE Classification: CWE-648: Incorrect Use of Privileged APIs CVE ID: CVE-2025-54768 2. Vulnerability Description An API endpoint that should be limited to web...

5.3CVSS6.1AI score0.03976EPSS
Exploits2Affected Software1
korelogic
korelogic
added 2025/07/28 12:0 a.m.10 views

Xorux LPAR2RRD File Upload Directory Traversal

Vulnerability Details Affected Vendor: Xorux Affected Product: LPAR2RRD Affected Version: 8.04 and prior Platform: Rocky Linux 8.10 CWE Classification: CWE-24: Path Traversal: '../filedir', CWE-434: Unrestricted Upload of File with Dangerous Type, CWE-648: Incorrect Use of Privileged APIs CVE...

8.8CVSS6.9AI score0.03038EPSS
Exploits4Affected Software1
Rows per page
Query Builder