Lucene search
K
EuvdMost viewed

417607 matches found

EUVD
EUVD
•added 2025/10/03 8:7 p.m.•25 views

EUVD-2023-28848

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.01425EPSS
Exploits0References1
EUVD
EUVD
•added 2025/10/03 8:7 p.m.•25 views

EUVD-2023-33828

Malicious code in bioql PyPI...

6.5CVSS7.2AI score0.00307EPSS
Exploits1References1
EUVD
EUVD
•added 2025/10/03 8:7 p.m.•25 views

EUVD-2022-44379

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01754EPSS
Exploits1References4
EUVD
EUVD
•added 2025/10/03 8:7 p.m.•25 views

EUVD-2022-4315

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01319EPSS
Exploits0References5
EUVD
EUVD
•added 2025/10/03 8:7 p.m.•25 views

EUVD-2022-0662

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.05087EPSS
Exploits0References5
EUVD
EUVD
•added 2025/10/03 8:7 p.m.•25 views

EUVD-2025-10890

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00372EPSS
Exploits0References4
EUVD
EUVD
•added 2025/10/03 8:7 p.m.•25 views

EUVD-2022-5977

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.0057EPSS
Exploits0References3
EUVD
EUVD
•added 2025/10/03 8:7 p.m.•25 views

EUVD-2023-53978

Malicious code in bioql PyPI...

9.3CVSS7.6AI score0.00177EPSS
Exploits0References3
EUVD
EUVD
•added 2025/10/03 8:7 p.m.•25 views

EUVD-2022-6160

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.00521EPSS
Exploits0References2
EUVD
EUVD
•added 2025/10/03 8:7 p.m.•25 views

EUVD-2022-51733

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.0091EPSS
Exploits2References1
EUVD
EUVD
•added 2025/10/03 8:7 p.m.•25 views

EUVD-2022-3565

Malicious code in bioql PyPI...

9.9CVSS8.8AI score0.01205EPSS
Exploits0References5
EUVD
EUVD
•added 2025/10/03 8:7 p.m.•25 views

EUVD-2023-23418

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00164EPSS
Exploits0References1
EUVD
EUVD
•added 2025/10/03 8:7 p.m.•25 views

EUVD-2025-18114

Malicious code in bioql PyPI...

9.3CVSS6.7AI score0.05776EPSS
Exploits1References2
EUVD
EUVD
•added 2025/10/03 8:7 p.m.•25 views

EUVD-2024-49968

Malicious code in bioql PyPI...

6.1CVSS6.6AI score0.00194EPSS
Exploits0References1
EUVD
EUVD
•added 2025/10/03 8:7 p.m.•26 views

EUVD-2024-47035

Malicious code in bioql PyPI...

6.4CVSS6.4AI score0.00371EPSS
Exploits0References3
EUVD
EUVD
•added 2023/02/01 12:0 a.m.•25 views

EUVD-2022-49713

kkFileView v4.1.0 was discovered to contain a cross-site scripting XSS vulnerability via the url parameter at /controller/OnlinePreviewController.java...

6.1CVSS6AI score0.01084EPSS
Exploits1References1
EUVD
EUVD
•added 2026/06/12 9:42 a.m.•24 views

EUVD-2026-36408

A flaw was found in QEMU's virtio-blk device. The issue arises because the device does not properly validate the size of input descriptors before writing data. A malicious guest with high privileges could exploit this vulnerability by submitting a malformed virtio-blk SCSI request, leading to an...

6.7CVSS5.2AI score0.00121EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/09 6:30 p.m.•24 views

EUVD-2026-35638

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...

5.4CVSS5.5AI score0.00207EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/09 6:30 p.m.•24 views

EUVD-2026-35667

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

5.4CVSS7.1AI score0.0051EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/09 5:5 p.m.•24 views

EUVD-2026-35589

Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...

6.8CVSS5.4AI score0.05011EPSS
Exploits0References1
EUVD
EUVD
•added 2026/06/09 5:5 p.m.•24 views

EUVD-2026-35551

Use after free in Windows SDK allows an authorized attacker to elevate privileges locally...

7.8CVSS5.4AI score0.00286EPSS
Exploits0References1
EUVD
EUVD
•added 2026/06/04 12:0 p.m.•24 views

EUVD-2026-34246

A vulnerability has been found in Streamlit up to 1.53.0. Impacted is an unknown function in the library lib/streamlit/runtime/caching/hashing.py of the component Palette Handler. Such manipulation leads to use of weak hash. Local access is required to approach this attack. The attack requires a...

3.6CVSS5AI score0.00083EPSS
Exploits0References7
EUVD
EUVD
•added 2026/06/02 12:31 a.m.•24 views

EUVD-2026-33817

Cloud Foundry UAA versions v76.12.0 through v78.12.0 are vulnerable to a private key exposure. The server contains a vulnerability where EC Elliptic Curve private keys are inadvertently exposed through the public /tokenkeys endpoint. This endpoint is designed to provide public key material for JW...

10CVSS5.8AI score0.00346EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/01 4:30 a.m.•24 views

EUVD-2026-33557

A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. This vulnerability affects the function handlewebhookrequest of the file gateway/platforms/feishu.py of the component Webhook Endpoint. Such manipulation leads to resource consumption. The attack can be...

6.9CVSS5.4AI score0.00372EPSS
Exploits0References5
EUVD
EUVD
•added 2026/05/27 9:24 a.m.•24 views

EUVD-2026-32169

In the Linux kernel, the following vulnerability has been resolved: slip: bound decode reads against the compressed packet length slhcuncompress parses a VJ-compressed TCP header by advancing a pointer through the packet via decode and pull16. Neither helper bounds-checks against isize, and decod...

5.8AI score0.00278EPSS
Exploits0References5
EUVD
EUVD
•added 2026/05/27 5:31 a.m.•24 views

EUVD-2026-32094

The Login with NEAR plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 0.3.3. The ajaxLoginWithNear function — registered as a wpajaxnopriv action and therefore reachable by unauthenticated users — accepts an attacker-supplied account POST parameter...

8.1CVSS5.8AI score0.0039EPSS
Exploits0References5
EUVD
EUVD
•added 2026/05/18 12:30 a.m.•24 views

EUVD-2026-30721

A flaw has been found in Edimax BR-6428NS 1.10. This affects the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. This manipulation of the argument L2TPUserName causes buffer overflow. It is possible to initiate the attack remotely. The exploit has...

9CVSS7.7AI score0.00573EPSS
Exploits0References4
EUVD
EUVD
•added 2026/05/17 12:15 p.m.•24 views

EUVD-2026-30700

A vulnerability was detected in AstrBotDevs AstrBot up to 4.23.5. Impacted is the function postfile of the file astrbot/dashboard/routes/chat.py of the component File Upload Handler. The manipulation of the argument filename results in path traversal. It is possible to launch the attack remotely...

6.5CVSS6.2AI score0.00358EPSS
Exploits0References7
EUVD
EUVD
•added 2026/05/15 3:0 a.m.•24 views

EUVD-2024-19556

An out of bounds read in the remote management firmware could allow a privileged attacker read a limited section of memory outside of established bounds potentially resulting in loss of confidentiality or availability...

1.8CVSS5.8AI score0.00095EPSS
Exploits0References1
EUVD
EUVD
•added 2026/05/15 2:41 a.m.•24 views

EUVD-2025-209876

Insufficient parameter sanitization in AMD Secure Processor ASP TEE SOC Driver could allow an attacker to issue a malformed DRVSOCCMDIDLOADGFXIPFW SR-IOV command to cause out-of-bounds read, potentially resulting in SOC Driver memory contents exposure or an exception...

4.6CVSS5.8AI score0.00112EPSS
Exploits0References1
EUVD
EUVD
•added 2026/05/14 8:12 p.m.•24 views

EUVD-2026-30479

python-utcp is the python implementation of UTCP. Prior to 1.1.3, the utcp-http plugin is vulnerable to a blind Server-Side Request Forgery SSRF caused by a trust-boundary inconsistency between manual discovery and tool invocation. registermanual validates the discovery URL against an HTTPS /...

4.7CVSS5.8AI score0.00168EPSS
Exploits0References1
EUVD
EUVD
•added 2026/05/14 2:26 a.m.•24 views

EUVD-2026-30214

The Unlimited Elements for Elementor plugin for WordPress is vulnerable to SQL Injection via the 'datafiltersearch' parameter in the getcataddons AJAX action in versions up to and including 2.0.7. This is due to insufficient input sanitization and the use of deprecated escaping functions combined...

6.5CVSS6AI score0.00492EPSS
Exploits0References10
EUVD
EUVD
•added 2026/05/13 9:32 p.m.•24 views

EUVD-2026-30137

Editors could delete any annotation, even those they do not have read access to. The editor user cannot create or read the annotations...

4.3CVSS5.8AI score0.00198EPSS
Exploits0References2
EUVD
EUVD
•added 2026/05/13 9:32 p.m.•24 views

EUVD-2026-30113

Exposure of the QKEY used as input into the ‘OTA-Quantum’ device registration process and internal system keys via an unauthenticated and unencrypted HTTP GET method in the Arqit Symmetric Key Agreement Platform. This issue affects Symmetric Key Agreement Platform: before 26.03...

8.7CVSS5.8AI score0.00208EPSS
Exploits0References2
EUVD
EUVD
•added 2026/05/13 1:27 p.m.•24 views

EUVD-2026-29952

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 5.9.8.4. This is due to the plugin not properly verifying that a user is authorized to perform an action via the pmsetgrouporder, pmsetgroupitem...

4.3CVSS5.8AI score0.00234EPSS
Exploits0References6
EUVD
EUVD
•added 2026/05/12 6:30 p.m.•24 views

EUVD-2026-29640

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...

8.4CVSS6AI score0.00369EPSS
Exploits0References2
EUVD
EUVD
•added 2026/05/12 6:30 p.m.•24 views

EUVD-2026-29547

Double free in Windows Rich Text Edit allows an authorized attacker to elevate privileges locally...

6.7CVSS5.8AI score0.00319EPSS
Exploits0References2
EUVD
EUVD
•added 2026/05/12 12:32 p.m.•24 views

EUVD-2026-29427

Affected devices do not properly validate and sanitize Technology Object TO name rendered on the "Motion Control Diagnostics" page of the web interface. This could allow an authenticated attacker who is authorized to download a TIA project into the product, to inject malicious scripts into the...

9.3CVSS5.9AI score0.0037EPSS
Exploits0References2
EUVD
EUVD
•added 2026/05/12 9:31 a.m.•24 views

EUVD-2026-29405

The GWD Connect plugin for WordPress is vulnerable to missing authorization to limited code execution in all versions up to, and including, 2.9. This is due to the plugin's standalone agent endpoints gwd-backup.php and gwd-logs.php not verifying authentication when the API key has not been...

4.8CVSS6.5AI score0.00273EPSS
Exploits0References4
EUVD
EUVD
•added 2026/05/10 3:31 p.m.•24 views

EUVD-2022-55972

WordPress Plugin Testimonial Slider and Showcase 2.2.6 contains a stored cross-site scripting vulnerability that allows authenticated editors to inject malicious scripts by failing to sanitize the posttitle parameter. Attackers with editor privileges can inject JavaScript payloads through the...

6.4CVSS5.7AI score0.00197EPSS
Exploits0References5
EUVD
EUVD
•added 2026/05/09 3:19 a.m.•24 views

EUVD-2026-28899

Gibbon versions before v30.0.01 are affected by a path traversal vulnerability resulting in DOS by attempting extraction of web application PHP files, failed .zip extraction results in deletion of the file and a DOS condition. Successful exploitation requires Teacher or higher privileges...

6.9CVSS5.8AI score0.00293EPSS
Exploits0References2
EUVD
EUVD
•added 2026/05/08 3:31 p.m.•24 views

EUVD-2025-209740

The CloudStack Backup plugin has an improper authorization logic in versions 4.21.0.0 and 4.22.0.0. Anyone with authenticated user-account access in CloudStack 4.21.0.0+ environments, where this plugin is enabled and has access to specific APIs can list backups from any account in the environment...

6.5CVSS5.8AI score0.00486EPSS
Exploits0References2
EUVD
EUVD
•added 2026/05/08 12:31 a.m.•24 views

EUVD-2026-28468

A vulnerability was identified in JeecgBoot up to 3.9.1. Affected by this issue is some unknown functionality of the file /sys/dict/loadTreeData of the component JSON Object Handler. The manipulation of the argument condition leads to sql injection. The attack can be initiated remotely. The explo...

6.5CVSS6.4AI score0.00196EPSS
Exploits0References6
EUVD
EUVD
•added 2026/05/08 12:31 a.m.•24 views

EUVD-2026-28449

Improper neutralization of special elements used in a command 'command injection' in Copilot Chat Microsoft Edge allows an unauthorized attacker to disclose information over a network...

7.5CVSS5.8AI score0.01135EPSS
Exploits0References2
EUVD
EUVD
•added 2026/05/08 12:31 a.m.•24 views

EUVD-2026-28451

Improper input validation in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network...

9CVSS6AI score0.00988EPSS
Exploits0References2
EUVD
EUVD
•added 2026/05/07 9:31 a.m.•24 views

EUVD-2026-28340

A remote denial-of-service vulnerability exists in the ZTE Cloud PC client uSmartview, which may lead to memory corruption and remote denial of service...

4.7CVSS5.8AI score0.00274EPSS
Exploits0References2
EUVD
EUVD
•added 2026/05/07 4:4 a.m.•24 views

EUVD-2026-28300

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, readVariableLengthInteger decodes a variable-length integer fro...

6.3CVSS5.8AI score0.00393EPSS
Exploits1References3
EUVD
EUVD
•added 2026/05/06 12:30 p.m.•24 views

EUVD-2026-27776

In the Linux kernel, the following vulnerability has been resolved: net: Drop the lock in skbmaytxtimestamp skbmaytxtimestamp may acquire sock::skcallbacklock. The lock must not be taken in IRQ context, only softirq is okay. A few drivers receive the timestamp via a dedicated interrupt and comple...

5.8AI score0.00126EPSS
Exploits0References4
EUVD
EUVD
•added 2026/05/05 10:4 p.m.•24 views

EUVD-2026-25871

authd: Primary group ID is incorrectly set to value of UID...

7.3CVSS5.8AI score0.0011EPSS
Exploits0References3
EUVD
EUVD
•added 2026/05/05 8:49 p.m.•24 views

EUVD-2026-27133

Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback...

6.5CVSS5.8AI score0.00299EPSS
Exploits1References3
Total number of security vulnerabilities5000