Lucene search
K
EuvdMost viewed

417980 matches found

EUVD
EUVD
•added 2025/10/03 8:7 p.m.•24 views

EUVD-2024-36132

Malicious code in bioql PyPI...

5.5CVSS5.7AI score0.00159EPSS
Exploits0References1
EUVD
EUVD
•added 2025/10/03 8:7 p.m.•24 views

EUVD-2025-28820

Malicious code in bioql PyPI...

5.4CVSS4.8AI score0.00264EPSS
Exploits1References5
EUVD
EUVD
•added 2025/10/03 8:7 p.m.•24 views

EUVD-2022-4126

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.01709EPSS
Exploits1References4
EUVD
EUVD
•added 2025/10/03 8:7 p.m.•24 views

EUVD-2023-2717

Malicious code in bioql PyPI...

8.6CVSS5.5AI score0.00514EPSS
Exploits0References5
EUVD
EUVD
•added 2025/10/03 8:7 p.m.•24 views

EUVD-2023-26458

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00678EPSS
Exploits0References1
EUVD
EUVD
•added 2025/10/03 8:7 p.m.•24 views

EUVD-2023-2929

Malicious code in bioql PyPI...

9.8CVSS4.9AI score0.00692EPSS
Exploits0References6
EUVD
EUVD
•added 2025/10/03 8:7 p.m.•24 views

EUVD-2023-53996

Malicious code in bioql PyPI...

6.1CVSS4.8AI score0.01766EPSS
Exploits2References3
EUVD
EUVD
•added 2025/10/03 8:7 p.m.•24 views

EUVD-2021-33128

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.0385EPSS
Exploits0References3
EUVD
EUVD
•added 2025/10/03 8:7 p.m.•24 views

EUVD-2023-27648

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.00352EPSS
Exploits0References1
EUVD
EUVD
•added 2025/10/03 8:7 p.m.•25 views

EUVD-2025-16371

Malicious code in bioql PyPI...

9.4CVSS6.3AI score0.11534EPSS
Exploits0References2
EUVD
EUVD
•added 2025/10/03 8:7 p.m.•24 views

EUVD-2025-30918

Malicious code in bioql PyPI...

5.4CVSS6.3AI score0.00201EPSS
Exploits0References4
EUVD
EUVD
•added 2022/12/26 12:0 a.m.•24 views

EUVD-2022-7617

php-mod/curl a wrapper of the PHP cURL extension before 2.3.2 allows XSS via the postfilepathupload.php key parameter and the POST data to postmultidimensional.php...

6.1CVSS5.9AI score0.01261EPSS
Exploits2References4
EUVD
EUVD
•added 6 days ago•23 views

EUVD-2026-12688

Keycloak: Unauthorized access via improper validation of encrypted SAML assertions...

7.7CVSS5.8AI score0.00241EPSS
Exploits0References11
EUVD
EUVD
•added 2026/06/10 9:39 p.m.•23 views

EUVD-2026-36170

Xibo is an open source digital signage platform with a web content management system and Windows display player software. Prior to 4.4.2, a vulnerability chain consisting of Stored XSS and Iframe Sandbox escape in the Xibo CMS allows users with DataSet permissions to use the Data Connector...

7.6CVSS5.3AI score0.0011EPSS
Exploits0References1
EUVD
EUVD
•added 2026/06/09 5:6 p.m.•23 views

EUVD-2026-35751

Stack-based buffer overflow in Windows DHCP Client allows an unauthorized attacker to execute code over a network...

9.8CVSS6AI score0.011EPSS
Exploits0References1
EUVD
EUVD
•added 2026/06/09 5:5 p.m.•23 views

EUVD-2026-35587

Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally...

7.8CVSS6AI score0.00445EPSS
Exploits0References1
EUVD
EUVD
•added 2026/06/09 12:33 a.m.•23 views

EUVD-2026-35258

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

5.4AI score0.00225EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/08 3:46 p.m.•23 views

EUVD-2026-35160

In the Linux kernel, the following vulnerability has been resolved: dm: fix a buffer overflow in ioctl processing Tony Asleson using Claude found a buffer overflow in dm-ioctl in the function retrievestatus: 1. The code in retrievestatus checks that the output string fits into the output buffer a...

5.8AI score0.00195EPSS
Exploits0References8
EUVD
EUVD
•added 2026/06/05 12:31 a.m.•23 views

EUVD-2026-34482

Uninitialized Use in WebML in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.0025EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/01 8:2 a.m.•23 views

EUVD-2026-33602

Hardcoded credentials in the Basic Authentication setup tool bin/solr auth enable in Apache Solr versions 9.4.0 through 9.10.1 and 10.0.0 allows a remote attacker to gain full administrative access to the cluster via publicly known default credentials installed silently alongside the user-specifi...

9.8CVSS5.8AI score0.00529EPSS
Exploits1References1
EUVD
EUVD
•added 2026/05/28 3:52 p.m.•23 views

EUVD-2026-32935

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, local authenticated users can cause Synapse to starve other requests of CPU and lead to other requests failing, causing other users to be denied service. This vulnerability is fixed in 1.152.1...

6.8CVSS5.8AI score0.00128EPSS
Exploits0References1
EUVD
EUVD
•added 2026/05/28 9:36 a.m.•23 views

EUVD-2026-32821

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix nodecnt race between extent node destroy and writeback f2fsdestroyextentnode does not set FINOEXTENT before clearing extent nodes. When called from f2fsdropinode with ISYNC set, concurrent kworker writeback can insert n...

5.8AI score0.00093EPSS
Exploits0References5
EUVD
EUVD
•added 2026/05/27 3:39 p.m.•23 views

EUVD-2026-32570

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's SMF mounts the UPI management route group without inbound OAuth2 middleware. On top of that, the DELETE /upi/v1/upNodesLinks/upNodeRef handler unconditionally dereferences upNode.UPF after the type-guarded...

8.2CVSS5.8AI score0.00324EPSS
Exploits1References4
EUVD
EUVD
•added 2026/05/27 2:57 p.m.•23 views

EUVD-2026-32544

go-git is an extensible git implementation library written in pure Go. Prior to 5.19.1 and 6.0.0-alpha.4, a path validation issue in go-git could allow crafted repository data to affect files outside the intended checkout target, including the repository's .git directory. These validations were...

5.4CVSS5.8AI score0.00297EPSS
Exploits0References1
EUVD
EUVD
•added 2026/05/27 2:54 p.m.•23 views

EUVD-2026-32542

go-git is an extensible git implementation library written in pure Go. Prior to 5.19.0 and 6.0.0-alpha.3, go-git may parse malformed Git objects in a way that differs from upstream Git. When commit or tag objects contain ambiguous or malformed headers, go-git’s decoded representation may expose...

7CVSS5.8AI score0.00159EPSS
Exploits0References1
EUVD
EUVD
•added 2026/05/27 8:43 a.m.•23 views

EUVD-2025-209962

An origin validation error vulnerability in Synology Active Backup for Business Agent before 3.1.0-4967 allows local users to write arbitrary files with restricted content during installation...

6.1CVSS5.9AI score0.00086EPSS
Exploits0References1
EUVD
EUVD
•added 2026/05/24 11:15 a.m.•23 views

EUVD-2026-31588

A security flaw has been discovered in Edimax BR-6675nD 1.12. This affects the function formHwSet of the file /goform/formHwSet of the component POST Request Handler. The manipulation of the argument regDomain/ABandregDomain/nic0Addr/nic1Addr/wlanAddr/inicAddr results in command injection. It is...

6.5CVSS6.4AI score0.01171EPSS
Exploits0References4
EUVD
EUVD
•added 2026/05/24 9:0 a.m.•23 views

EUVD-2026-31581

A security flaw has been discovered in NousResearch hermes-agent 2026.4.23. Affected is the function discoverdashboardplugins of the file hermescli/webserver.py of the component CLI web-dashboard Interface. Performing a manipulation of the argument HERMESENABLEPROJECTPLUGINS results in incorrect...

5.3CVSS5.7AI score0.00228EPSS
Exploits0References4
EUVD
EUVD
•added 2026/05/20 12:31 a.m.•23 views

EUVD-2026-30988

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Obfuscate allows Cross-Site Scripting XSS. This issue affects Obfuscate: from 0.0.0 before 2.0.2...

5.8AI score0.00196EPSS
Exploits0References2
EUVD
EUVD
•added 2026/05/17 10:45 a.m.•23 views

EUVD-2026-30694

A vulnerability was identified in h2oai h2o-3 up to 7402. Affected by this issue is the function importFiles of the file h2o-core/src/main/java/water/persist/PersistNFS.java of the component ImportFile API. Such manipulation leads to information disclosure. The attack can be executed remotely. Th...

6.9CVSS5.8AI score0.00497EPSS
Exploits0References4
EUVD
EUVD
•added 2026/05/17 9:0 a.m.•23 views

EUVD-2026-30691

A vulnerability was found in Open5GS up to 2.7.6. This impacts the function ranuefindbyamfuengapid of the file src/amf/context.c of the component AMF/MME. Performing a manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit has been made public...

6.5CVSS6.1AI score0.00224EPSS
Exploits1References7
EUVD
EUVD
•added 2026/05/17 4:15 a.m.•23 views

EUVD-2026-30680

A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function ogssbiclientadd in the library /lib/sbi/client.c of the component NRF. The manipulation of the argument clientpool leads to denial of service. It is possible to initiate the attack remotely. The exploit has been...

5.3CVSS5.4AI score0.0038EPSS
Exploits1References5
EUVD
EUVD
•added 2026/05/17 2:27 a.m.•23 views

EUVD-2026-30678

The AI Engine – The Chatbot, AI Framework & MCP for WordPress plugin for WordPress is vulnerable to Privilege Escalation in version 3.4.9. This is due to missing WordPress capability enforcement in the MCP OAuth bearer-token authorization path, where any valid OAuth token causes MCP access to be...

8.8CVSS5.8AI score0.00359EPSS
Exploits0References2
EUVD
EUVD
•added 2026/05/15 12:31 p.m.•23 views

EUVD-2026-30538

PDF Export Module used in DHTMLX's products Gantt and Scheduler is vulnerable to Path Traversal due to lack of HTML sanitization. An unauthenticated user could craft the html payload which could include local files from the server and display them in the generated PDF. This issue was fixed in PDF...

9.2CVSS5.8AI score0.00497EPSS
Exploits0References2
EUVD
EUVD
•added 2026/05/15 3:6 a.m.•23 views

EUVD-2025-209882

Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructions executed at a different privilege level, potentially resulting in privilege escalation...

7.3CVSS5.8AI score0.00258EPSS
Exploits0References1
EUVD
EUVD
•added 2026/05/15 2:6 a.m.•23 views

EUVD-2026-30498

Rapid7 Metasploit Pro is vulnerable to a local privilege escalation attack that allows users to gain SYSTEM level control of a Windows host. Upon startup the metasploitPostgreSQL service the subsequent postgres.exe service attempts to load an OpenSSL configuration file from a non-existent directo...

9.3CVSS5.9AI score0.0017EPSS
Exploits0References1
EUVD
EUVD
•added 2026/05/13 6:30 p.m.•24 views

EUVD-2026-30016

In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp3x-rt5682-max9836: Add missing error check for clock acquisition The acp3x5682init function did not check the return value of clkget, which could lead to dereferencing error pointers in rt5682clkenable. Fix this by:...

5.7AI score0.00114EPSS
Exploits0References9
EUVD
EUVD
•added 2026/05/13 6:30 p.m.•23 views

EUVD-2026-30014

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: rt1011: Use component to get the dapm context in spkmodeput The correct helper to use in rt1011recvspkmodeput to retrieve the DAPM context is sndsoccomponenttodapm, from kcontrol we will receive NULL pointer...

5.8AI score0.001EPSS
Exploits0References3
EUVD
EUVD
•added 2026/05/13 5:29 a.m.•23 views

EUVD-2025-209822

The ilGhera Support System for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'getticketcontentcallback' function in all versions up to, and including, 1.3.0. This makes it possible for unauthenticated attackers to view any...

5.3CVSS5.8AI score0.00256EPSS
Exploits0References6
EUVD
EUVD
•added 2026/05/12 6:30 p.m.•23 views

EUVD-2026-29593

Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00298EPSS
Exploits0References2
EUVD
EUVD
•added 2026/05/12 6:30 p.m.•23 views

EUVD-2026-29599

Use after free in Windows Projected File System allows an authorized attacker to elevate privileges locally...

7CVSS5.8AI score0.00207EPSS
Exploits0References2
EUVD
EUVD
•added 2026/05/12 6:30 p.m.•23 views

EUVD-2026-29569

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Native WiFi Miniport Driver allows an unauthorized attacker to execute code over an adjacent network...

7.5CVSS6.1AI score0.00297EPSS
Exploits0References2
EUVD
EUVD
•added 2026/05/12 3:31 p.m.•23 views

EUVD-2026-29466

Other issue in the JavaScript Engine component. This vulnerability was fixed in Firefox 150.0.3...

5.8AI score0.00298EPSS
Exploits0References3
EUVD
EUVD
•added 2026/05/12 9:31 a.m.•23 views

EUVD-2026-29414

The AzonPost plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the editposhidden parameter in all versions up to, and including, 1.3. This is due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...

6.1CVSS6AI score0.00204EPSS
Exploits0References4
EUVD
EUVD
•added 2026/05/12 3:31 a.m.•23 views

EUVD-2026-29371

SAP S/4HANA SAP Enterprise Search for ABAP contains a SQL injection vulnerability that allows an authenticated attacker to inject malicious SQL statements through user-controlled input. The application directly concatenates this malicious user input into SQL queries, which are then passed to the...

9.6CVSS5.9AI score0.00466EPSS
Exploits0References3
EUVD
EUVD
•added 2026/05/11 6:31 p.m.•23 views

EUVD-2026-29154

A heap-based out-of-bounds write vulnerability in the DHCPv6 implementation of dnsmasq allows local attackers to execute arbitrary code with root privileges via a crafted DHCPv6 packet...

8.4CVSS6.2AI score0.00812EPSS
Exploits1References3
EUVD
EUVD
•added 2026/05/11 12:32 p.m.•23 views

EUVD-2026-29044

Dell Automation Platform versions prior to 2.0.0.0, contains a missing authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges...

8CVSS5.8AI score0.00235EPSS
Exploits0References2
EUVD
EUVD
•added 2026/05/10 3:31 p.m.•23 views

EUVD-2022-55989

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the auctions/manage module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET reques...

6.1CVSS5.7AI score0.00252EPSS
Exploits0References5
EUVD
EUVD
•added 2026/05/10 3:31 p.m.•23 views

EUVD-2022-55969

Aero CMS 0.0.1 contains a PHP code injection vulnerability that allows authenticated attackers to execute arbitrary PHP code by uploading malicious files through the image parameter. Attackers can upload PHP files with embedded code to the admin posts.php endpoint with source=addpost parameter, a...

8.8CVSS6.1AI score0.00347EPSS
Exploits0References4
EUVD
EUVD
•added 2026/05/09 7:40 p.m.•23 views

EUVD-2026-28927

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, symbol arguments to commands are vulnerable to a CRLF Injection / IMAP Command injection via Symbol arguments passed to IMAP commands. This issue has been patched ...

5.8CVSS5.7AI score0.00813EPSS
Exploits0References4
Total number of security vulnerabilities5000