Lucene search
K
EuvdMost viewed

417631 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.22 views

EUVD-2025-19688

Malicious code in bioql PyPI...

9.8CVSS6.4AI score0.00531EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.22 views

EUVD-2023-33531

Malicious code in bioql PyPI...

4.3CVSS4.7AI score0.00585EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.22 views

EUVD-2023-27696

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.15198EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.22 views

EUVD-2025-2387

Malicious code in bioql PyPI...

7.8CVSS9AI score0.00637EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.22 views

EUVD-2022-6869

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01214EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.22 views

EUVD-2023-0554

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00644EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.22 views

EUVD-2022-5851

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.04846EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.22 views

EUVD-2023-27977

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00361EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.22 views

EUVD-2022-5110

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.0084EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.22 views

EUVD-2024-16665

Malicious code in bioql PyPI...

9.8CVSS7AI score0.00649EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.22 views

EUVD-2023-0257

Malicious code in bioql PyPI...

7.2CVSS6.9AI score0.00892EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.22 views

EUVD-2023-25787

Malicious code in bioql PyPI...

5.5CVSS5.5AI score0.00325EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.22 views

EUVD-2022-51699

Malicious code in bioql PyPI...

5.3CVSS5.5AI score0.00658EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.22 views

EUVD-2025-13881

Malicious code in bioql PyPI...

8.7CVSS6.5AI score0.00238EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.22 views

EUVD-2022-30389

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00406EPSS
Exploits0References1
EUVD
EUVD
added 2025/07/25 2:23 a.m.22 views

EUVD-2019-19374

The WP Database Backup plugin for WordPress is vulnerable to OS Command Injection in versions before 5.2 via the mysqldump function. This vulnerability allows unauthenticated attackers to execute arbitrary commands on the host operating system...

9.8CVSS7.8AI score0.16682EPSS
Exploits1References6
EUVD
EUVD
added 2022/04/15 7:5 p.m.22 views

EUVD-2022-31382

.NET Framework Denial of Service Vulnerability...

7.5CVSS7.5AI score0.0328EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/23 4:2 p.m.21 views

EUVD-2026-38488

Improper trust boundary enforcement in Language Servers for AWS before version 1.65.0 on all supported platforms may allow a for arbitrary code execution. If a local user opens a maliciously crafted workspace, any commands within the project configuration files may be automatically executed. This...

8.5CVSS6.1AI score0.00118EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/19 1:13 p.m.21 views

EUVD-2026-38019

Improper Validation of Integrity Check Value vulnerability in Apache APISIX. The jwe-decrypt plugin under default configuration is vulnerable to authentication bypass. This issue affects Apache APISIX: from 3.8.0 through 3.16.0. Users are recommended to upgrade to version 3.17.0, which fixes the...

6.3CVSS5.8AI score0.00224EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/17 6:35 p.m.21 views

EUVD-2026-37607

Unauthenticated PHP Object Injection in AI Lab 5.4.2 versions...

9.8CVSS5.3AI score0.0051EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/17 1:40 p.m.21 views

EUVD-2026-37708

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Cargo RD Cargo Shipping Location for WooCommerce allows Blind SQL Injection. This issue affects Cargo Shipping Location for WooCommerce: from n/a through 5.6...

9.3CVSS5.6AI score0.00236EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 3:16 p.m.21 views

EUVD-2026-36484

A code injection vulnerability in version 0.4.17 or later of the ChromaDB Python project allows an authenticated attacker to run arbitrary code on the server by sending a malicious model repository and trustremotecode set to true in...

9.4CVSS5.8AI score0.00342EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 6:30 p.m.21 views

EUVD-2026-35683

Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network...

7.5CVSS5.4AI score0.0087EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/09 11:52 a.m.21 views

EUVD-2026-35405

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry vgicitsinvalidatecache walks the per-ITS translation cache with xaforeach and drops the cache's reference on each entry with vgicputirq. It puts...

5.4AI score0.0018EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/09 12:33 a.m.21 views

EUVD-2026-35258

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

5.4AI score0.00225EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/05 3:17 p.m.21 views

EUVD-2026-34849

7-Zip is a file archiver with a high compression ratio. Versions 9.21 through 26.00 contain an An uninitialized memory disclosure vulnerability in the UEFI capsule .scap parser in 7-Zip. The OpenCapsule function allocates a heap buffer of attacker-declared CapsuleImageSize up to 1 GiB without...

6.5CVSS5.7AI score0.00277EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/02 12:31 a.m.21 views

EUVD-2026-33825

Memory Corruption when accessing shared buffers without validation of concurrent user-mode input modifications...

7.8CVSS5.8AI score0.00052EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/01 10:0 a.m.21 views

EUVD-2026-33621

A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. This vulnerability affects the function creategenericname of the file /ShowForm/creategenericname/main. The manipulation of the argument genericname results in cross site scripting. The attack may be launched...

5.1CVSS4.3AI score0.00199EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/01 12:30 a.m.21 views

EUVD-2026-33518

An improper default configuration in OTRS 2026.3.1 causes ticket article forwarding actions to enforce the “Is visible for customer” flag by default and prevent users from disabling it via the UI. This leads to unintended exposure of internal ticket information to the External Frontend This issue...

5.7CVSS5.8AI score0.00248EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/31 1:30 a.m.21 views

EUVD-2026-33479

A security vulnerability has been detected in TRENDnet TEW-432BRP 3.10B20. Affected by this issue is the function formSetEnableWizard of the file /goform/formSetEnableWizard. Such manipulation of the argument startwizard leads to stack-based buffer overflow. The attack can be launched remotely. T...

9CVSS7.8AI score0.00472EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/27 12:58 p.m.21 views

EUVD-2026-32476

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: take vmappurgelock in shrinker decayvapoolnode can be invoked concurrently from two paths: purgevmaparealazy when pools are being purged, and the shrinker via vmapnodeshrinkscan. However, decayvapoolnode is not safe t...

5.7AI score0.00127EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/27 12:56 p.m.21 views

EUVD-2026-32406

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: fix damoncall vs kdamondfn exit race Patch series "mm/damon/core: fix damoncall/damoswalk vs kdmond exit race". damoncall and damoswalk can leak memory and/or deadlock when they race with kdamond terminations. Fix...

5.7AI score0.00088EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/27 9:49 a.m.21 views

EUVD-2026-32201

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpdevelop Booking Manager booking-manager allows Stored XSS.This issue affects Booking Manager: from n/a through = 2.1.18...

6.5CVSS5.8AI score0.0013EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/27 1:26 a.m.21 views

EUVD-2026-32037

The Style Kits – Advanced Theme Styles for Elementor, Elementor Kits & Elementor Patterns plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the '/wp-json/agwp/v1/tokens/save' endpoint kit title parameter in versions up to, and including, 2.5.0 due to insufficient input...

6.4CVSS6AI score0.00156EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/26 8:22 p.m.21 views

EUVD-2026-31989

MaxKB is an open-source AI assistant for enterprise. MaxKB 2.8.0 and prior are vulnerable to a server-side request forgery SSRF bypass in the OSS file service URL fetch functionality due to inconsistent DNS resolution between validation and actual request execution, allowing attackers to access...

5.1CVSS5.8AI score0.00187EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/26 5:11 p.m.21 views

EUVD-2026-31918

IBM HTTP Server 8.5, and 9.0 is vulnerable to invalid pointer dereference. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to expose sensitive information or cause a denial of service...

7.3CVSS5.8AI score0.00252EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/23 4:27 a.m.21 views

EUVD-2026-31525

The Wishlist Member plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'WishListMember\Features\TeamAccounts::savesettings' function in all versions up to, and including, 3.30.1. This makes it possible for authenticated attackers, with...

8.8CVSS5.8AI score0.00244EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/20 12:31 a.m.21 views

EUVD-2025-209901

Ledger Nano X, Flex, and Stax devices contain a denial of service vulnerability in the MCU firmware update process due to missing validation of the resethandler parameter during firmware flashing. An attacker can provide a crafted resethandler address pointing to invalid memory or...

5.1CVSS5.9AI score0.0021EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/19 7:23 p.m.21 views

EUVD-2026-29950

Bandit: Unauthenticated one-shot DoS via Transfer-Encoding: chunked...

8.7CVSS5.8AI score0.00642EPSS
Exploits1References5
EUVD
EUVD
added 2026/05/19 2:58 a.m.21 views

EUVD-2026-30826

in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps...

8.1CVSS6.3AI score0.00428EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/17 10:45 a.m.21 views

EUVD-2026-30694

A vulnerability was identified in h2oai h2o-3 up to 7402. Affected by this issue is the function importFiles of the file h2o-core/src/main/java/water/persist/PersistNFS.java of the component ImportFile API. Such manipulation leads to information disclosure. The attack can be executed remotely. Th...

6.9CVSS5.8AI score0.00497EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/17 5:15 a.m.21 views

EUVD-2026-30684

A vulnerability was identified in Oinone Pamirs up to 7.2.0. This affects the function JsonUtils.parseMap of the file PamirsParserConfig.java of the component appConfigQuery Interface. Such manipulation leads to deserialization. The attack can be launched remotely. The exploit is publicly availab...

6.5CVSS5.5AI score0.00242EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/16 5:0 a.m.21 views

EUVD-2026-30671

Versions of the package jsondiffpatch before 0.7.6 are vulnerable to Cross-site Scripting XSS via the annotated formatter due to improper sanitization of JSON values and property names. If an application compares untrusted JSON/object data and renders annotated formatter output in the DOM,...

6.1CVSS5.8AI score0.00191EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/15 8:52 p.m.21 views

EUVD-2026-30635

radare2 6.1.5 contains a use-after-free vulnerability in the gdbrpidslist function within the GDB client core that allows remote attackers to cause a denial of service or potentially execute arbitrary code by sending malformed thread information responses. Attackers can trigger the vulnerability ...

8.7CVSS6.1AI score0.00603EPSS
Exploits1References3
EUVD
EUVD
added 2026/05/15 7:59 p.m.21 views

EUVD-2026-30604

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the LDAP authentication endpoint does not validate that the submitted password is non-empty before performing a Simple Bind against the LDAP server. The LdapForm Pydantic model accep...

9.1CVSS5.8AI score0.01461EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/15 12:58 p.m.21 views

EUVD-2026-30540

In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'getdumpable' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an...

5.8AI score0.0138EPSS
Exploits6References7
EUVD
EUVD
added 2026/05/15 6:45 a.m.21 views

EUVD-2026-30507

The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the 'adminhead' function in all versions up to, and including, 1.4.5. This makes it possible for authenticated attackers, with Contributor-lev...

8.1CVSS5.7AI score0.00273EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/15 2:42 a.m.21 views

EUVD-2025-209877

Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRVSOCCMDIDSRIOVCHECKTACOMPAT to cause incorrect shared memory mapping, potentially resulting in unexpected behavior...

1.8CVSS5.8AI score0.00101EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/15 1:51 a.m.21 views

EUVD-2025-209870

Use of uninitialized resource within the AMD Platform Management Framework PMF could allow an attacker to read a uninitialized kernel memory resulting in loss of confidentiality or availability...

6.9CVSS5.8AI score0.00104EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/15 1:41 a.m.21 views

EUVD-2026-30496

A System Management Mode SMM handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active user interaction and under high complexity and present preconditions, trigger execution of attacker-controlled code in SMM, potentially...

5.4CVSS6AI score0.00139EPSS
Exploits0References2
Total number of security vulnerabilities5000