Lucene search
K
EuvdMost viewed

417654 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.20 views

EUVD-2022-30426

Malicious code in bioql PyPI...

4.9CVSS5.3AI score0.00688EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.20 views

EUVD-2021-6634

Malicious code in bioql PyPI...

9CVSS7AI score0.05628EPSS
Exploits4References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.20 views

EUVD-2022-5556

Malicious code in bioql PyPI...

7.5CVSS6.3AI score0.0189EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/03 8:7 p.m.20 views

EUVD-2022-7028

Malicious code in bioql PyPI...

5.4CVSS5.5AI score0.00446EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.20 views

EUVD-2022-33471

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00473EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.20 views

EUVD-2025-16372

Malicious code in bioql PyPI...

9.4CVSS6.3AI score0.1172EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.20 views

EUVD-2025-1994

Malicious code in bioql PyPI...

5.1CVSS4.8AI score0.00376EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.20 views

EUVD-2025-10053

Malicious code in bioql PyPI...

9.8CVSS7.5AI score0.00478EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.20 views

EUVD-2023-38527

Malicious code in bioql PyPI...

4.9CVSS5.2AI score0.00216EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.20 views

EUVD-2023-12797

Malicious code in bioql PyPI...

9.8CVSS5.4AI score0.00875EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.20 views

EUVD-2022-53106

Malicious code in bioql PyPI...

9.1CVSS9.1AI score0.33064EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.20 views

EUVD-2023-28057

Malicious code in bioql PyPI...

8.8CVSS9.1AI score0.00303EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.20 views

EUVD-2023-2596

Malicious code in bioql PyPI...

10CVSS8.9AI score0.00602EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.20 views

EUVD-2023-0091

Malicious code in bioql PyPI...

9.1CVSS9AI score0.00651EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.20 views

EUVD-2021-29346

Malicious code in bioql PyPI...

5.5CVSS6.7AI score0.00378EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/03 8:7 p.m.20 views

EUVD-2024-51584

Malicious code in bioql PyPI...

6.1CVSS9AI score0.0028EPSS
Exploits0References2
EUVD
EUVD
added 2024/10/04 7:42 p.m.20 views

EUVD-2024-49694

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection', Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Microchip TimeProvider 4100 Configuration modules allows Command Injection.This issue affects TimeProvider 4100: from 1.0 before...

8.8CVSS8.7AI score0.14609EPSS
Exploits3References2
EUVD
EUVD
added 2020/10/16 10:18 p.m.20 views

EUVD-2020-8925

A remote code execution vulnerability exists when the Windows Camera Codec Pack improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user...

9.3CVSS7.7AI score0.03871EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/10 9:39 p.m.19 views

EUVD-2026-36170

Xibo is an open source digital signage platform with a web content management system and Windows display player software. Prior to 4.4.2, a vulnerability chain consisting of Stored XSS and Iframe Sandbox escape in the Xibo CMS allows users with DataSet permissions to use the Data Connector...

7.6CVSS5.3AI score0.0011EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/10 1:55 p.m.19 views

EUVD-2026-36034

A flaw was found in migration-planner. An authenticated attacker could exploit an improper access control vulnerability in the /api/v1/sources/id/image-url endpoint. This flaw allows the attacker to bypass an ownership check and obtain presigned S3 URLs for Open Virtual Appliance OVA images...

9.6CVSS5.5AI score0.0028EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/09 6:30 p.m.19 views

EUVD-2026-35536

Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network...

7.5CVSS5.5AI score0.00671EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/09 5:6 p.m.19 views

EUVD-2026-35728

Out-of-bounds read in Windows Telephony Service allows an authorized attacker to disclose information locally...

5.5CVSS5.4AI score0.00388EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 5:6 p.m.19 views

EUVD-2026-35724

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network...

7.5CVSS6.1AI score0.00473EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 5:5 p.m.19 views

EUVD-2026-35593

Heap-based buffer overflow in Windows TCP/IP allows an unauthorized attacker to elevate privileges over an adjacent network...

9.6CVSS5.8AI score0.00438EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 9:51 a.m.19 views

EUVD-2026-35390

A Stored Cross-Site Scripting vulnerability in Vinna Process Monitor Version 4.0 Service Pack 1 Build 63255 allows an authenticated remote attacker with low privileges to inject malicious JavaScript code into the application. This enables attackers to steal administrative access tokens and sessio...

9.3CVSS5.6AI score0.00242EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/07 8:0 a.m.19 views

EUVD-2026-34988

A weakness has been identified in erzhongxmu JeeWMS up to 141740afb2ba14d441c82a833d0a418d07ca2d69. This issue affects some unknown processing of the file /base-boot/actuator of the component Boot Actuator Endpoint. Executing a manipulation can lead to information disclosure. The attack can be...

6.9CVSS5.5AI score0.00292EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/05 12:31 a.m.19 views

EUVD-2026-34341

A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system. This vulnerability is due to insufficient validation of user-supplied input...

7.8CVSS6.1AI score0.25323EPSS
Exploits2References3
EUVD
EUVD
added 2026/06/02 12:31 a.m.19 views

EUVD-2026-33782

In createSessionInternal of PackageInstallerService.java, there is a possible to update a Device Policy Controller DPC into an invalid directory due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...

6AI score0.00084EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/01 6:0 p.m.19 views

EUVD-2026-33738

A security flaw has been discovered in horizon921 mcpilot 0.1.0. The impacted element is an unknown function of the file client/src/app/api/mcp/call/route.ts of the component MCP API Call Endpoint. The manipulation of the argument serverBaseUrl results in server-side request forgery. The attack c...

7.5CVSS6.8AI score0.00305EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/01 5:45 p.m.19 views

EUVD-2026-33731

A vulnerability was identified in hiraishikentaro wezterm-mcp 0.1.0. The affected element is an unknown function of the file src/weztermexecutor.ts of the component switchpane/writetospecificpane. The manipulation of the argument request.params.arguments.paneid leads to os command injection. The...

6.5CVSS6.4AI score0.01088EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/01 5:45 p.m.19 views

EUVD-2026-33730

IBM i Access Family 1.1.5.0 through 1.1.9.12 IBM i Access Client Solutions ACS is vulnerable to remote code execution when configured to listen for requests from IBM i Navigator...

8.8CVSS6.4AI score0.00439EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/01 12:45 p.m.19 views

EUVD-2026-33637

A weakness has been identified in itsourcecode Content Management System 1.0. Impacted is an unknown function of the file /admin/addsubtopic.php. This manipulation of the argument topicid causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available ...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/01 9:4 a.m.19 views

EUVD-2026-33612

SOPlanning is vulnerable to SQL Injection across multiple endpoints and parameters. Attacker with low privileges can inject arbitrary SQL commands, potentially gaining full control over the database. This issue affects SOPlanning version 1.55 and below...

8.8CVSS6AI score0.00273EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/01 7:49 a.m.19 views

EUVD-2026-33588

A bug in Apache Airflow's XCom PATCH endpoint PATCH /api/v2/xcomEntries/key allowed an authenticated UI/API user with XCom write permission on a Dag to set XCom entries under reserved key names e.g. returnvalue that the matching POST endpoint already validated against FORBIDDENXCOMKEYS. The...

8.8CVSS5.8AI score0.00592EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/01 3:32 a.m.19 views

EUVD-2026-33547

An improper neutralization of user-controllable input in OTRS or OTRS Community Edition ticket handling allows authenticated attackers to perform reflected cross-site scripting XSS attacks via crafted request parameters associated with ticket actions. By injecting malicious JavaScript into...

7.1CVSS6AI score0.00219EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/30 9:29 a.m.19 views

EUVD-2026-33455

The Simple History – Track, Log, and Audit WordPress Changes plugin for WordPress is vulnerable to authenticated Subscriber+ account takeover in all versions up to, and including, 5.26.0 via the event reaction endpoints reacttoevent / unreacttoevent. The endpoints register getitemspermissionschec...

7.5CVSS5.8AI score0.00593EPSS
Exploits1References12
EUVD
EUVD
added 2026/05/29 6:28 p.m.19 views

EUVD-2026-33417

StrongDM Desktop Application before 23.74.0 Desktop Client before 53.77.0 on Microsoft Windows stores authentication state, including a JSON Web Token and asymmetric key material, in cleartext in a per-user state file located at C:\Users\.sdm\state.kv. The file is protected only by default...

2CVSS5.9AI score0.00132EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/29 10:53 a.m.19 views

EUVD-2025-209994

Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to execute arbitrary operating...

9.3CVSS6.1AI score0.0138EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/29 8:2 a.m.19 views

EUVD-2026-33261

Unauthenticated Debug Service. The /sbin/mtkdut binary is exposed on TCP port 9000 without authentication, allowing any LAN-based attacker to execute arbitrary UCC commands...

8.7CVSS6.1AI score0.00215EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/29 12:38 a.m.19 views

EUVD-2026-33107

Out of bounds write in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00243EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/29 12:38 a.m.19 views

EUVD-2026-33110

Integer overflow in V8 in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

6.3AI score0.0028EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/29 12:38 a.m.19 views

EUVD-2026-33080

Inappropriate implementation in V8 in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

6.2AI score0.00319EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/29 12:38 a.m.19 views

EUVD-2026-33210

Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

6AI score0.00246EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/28 8:47 p.m.19 views

EUVD-2026-25909

Pimcore Platform - SQL Injection in DataObject composite index handling during class definition import/save...

7CVSS5.9AI score0.00346EPSS
Exploits0References7
EUVD
EUVD
added 2026/05/28 2:24 p.m.19 views

EUVD-2026-32907

Python Liquid is a Python engine for the Liquid template language. Prior to 2.2.0, the built-in FileSystemLoader and CachingFileSystemLoader do not guard against reading files outside their search paths when given an absolute path to resolve. This allows malicious template authors to load and...

8.2CVSS5.9AI score0.00335EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/28 1:22 p.m.19 views

EUVD-2026-32900

An issue was discovered in Canonical Multipass for macOS before version 1.16.3 due to an incomplete fix for CVE-2025-5199. While the patch in version 1.16.0 updated the ownership of the multipassd daemon binary to root:wheel, five co-located binaries multipass, qemu-img, qemu-system-aarch64,...

7.8CVSS6AI score0.0015EPSS
Exploits2References1
EUVD
EUVD
added 2026/05/28 9:40 a.m.19 views

EUVD-2026-32839

In the Linux kernel, the following vulnerability has been resolved: batman-adv: bla: prevent use-after-free when deleting claims When batadvbladelbackboneclaims removes all claims for a backbone, it does this by dropping the link entry in the hash list. This list entry itself was one of the...

5.7AI score0.00274EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/28 9:36 a.m.19 views

EUVD-2026-32782

In the Linux kernel, the following vulnerability has been resolved: smb/client: fix out-of-bounds read in smb2compoundop If a server sends a truncated response but a large OutputBufferLength, and terminates the EA list early, checkwsleas returns success without validating that the entire...

5.8AI score0.00478EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/27 6:31 p.m.19 views

EUVD-2026-32628

RELATE is a web-based courseware package. Prior to commit d66ba5659b459bf1ba56b7109b5f9ecf197cbefb, RELATE LMS configures its Celery workers to accept and deserialize untrusted 'pickle' data. An attacker who can reach the message broker can execute arbitrary commands on the host server. Combined...

8.7CVSS6.5AI score0.00489EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/27 5:55 p.m.19 views

EUVD-2026-32620

GitLab has remediated an issue in GitLab EE affecting all versions from 18.8 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that, under certain conditions, could have allowed an authenticated user to cause specific Duo AI workflows to run under another user's identity due to imprope...

8.2CVSS5.8AI score0.00341EPSS
Exploits0References3
Total number of security vulnerabilities5000