Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Autolab is a course management service that enables auto-graded programming assignments. From Autolab versions v.3.0.0 onward students can download all assignments from another student, as long as the
Autolab is a course management service that enables auto-graded programming assignments. A user can modify their first and or last name to include a valid excel / spreadsheet formula. When an instruct
Autolab is a course management service that enables auto-graded programming assignments. There is a vulnerability in version 3.0.1 where CAs can view or edit the grade for any submission ID, even if t
Autolab is a course management service that enables auto-graded programming assignments. There is an HTML injection vulnerability in version 3.0.1 that can affect instructors and CAs on the grade subm
Autolab, a course management service that enables auto-graded programming assignments, has misconfigured reset password permissions in version 3.0.0. For email-based accounts, users with insufficient
An arbitrary code execution vulnerability exists in versions 0.0.8 and newer of the Refuel Autolabel library because of the way its classification tasks handle provided CSV files. If a victim user cre
An arbitrary code execution vulnerability exists in versions 0.0.8 and newer of the Refuel Autolabel library because of the way its multilabel classification tasks handle provided CSV files. If a user
A vulnerability was determined in LearnHouse up to 98dfad76aad70711a8113f6c1fdabfccf10509ca. The impacted element is an unknown function of the file /api/v1/assignments/{assignment_id}/tasks/{task_id}
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. The AutoGPT Platform's WebSocket API transmitted node e
eLabFTW is an open source electronic lab notebook for research labs. By uploading specially crafted files, a regular user can create a circumstance where a visitor's browser runs arbitrary JavaScript
Label Studio is a multi-type data labeling and annotation tool. A vulnerability in versions prior to 1.18.0 allows an attacker to inject a malicious script into the context of a web page, which can le
A vulnerability was found in ZeroWdd studentmanager 1.0. It has been declared as problematic. This vulnerability affects the function submitAddRole of the file src/main/java/com/zero/system/controller
A vulnerability was found in SourceCodester Student Result Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /script/academic/di
A security vulnerability has been detected in ZeroWdd studentmanager up to 2151560fc0a50ec00426785ec1e01a3763b380d9. This impacts the function addLeave of the file src/main/java/com/wdd/studentmanager
EfficientLab Controlio before v1.3.95 contains a DLL hijacking vulnerability caused by weak folder permissions in the installation directory. A local attacker can place a specially crafted DLL in this
Label Studio is an open source data labeling tool. Prior to version 1.16.0, Label Studio's `/projects/upload-example` endpoint allows injection of arbitrary HTML through a `GET` request with an approp
Label Studio is an open source data labeling tool. Prior to version 1.16.0, Label Studio's S3 storage integration feature contains a Server-Side Request Forgery (SSRF) vulnerability in its endpoint co
A vulnerability, which was classified as problematic, was found in yzk2356911358 StudentServlet-JSP cc0cdce25fbe43b6c58b60a77a2c85f52d2102f5/d4d7a0643f1dae908a4831206f2714b21820f991. This affects an u
Forma.lms The E-Learning Suite 2.3.0.2 contains a persistent cross-site scripting vulnerability in multiple course and profile parameters. Attackers can inject malicious scripts in course code, name,
A vulnerability, which was classified as problematic, was found in huang-yk student-manage 1.0. This affects an unknown part of the component Edit a Student Information Page. The manipulation of the a
Page 1+ Next →