SUSE CVE-2024-0397

A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “certstorestats” and “getcacerts”. The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContext, such as durin...

CVE-2026-6143 farion1231 cc-switch ProxyServer server.rs cross-domain policy

A security flaw has been discovered in farion1231 cc-switch up to 3.12.3. Affected by this issue is some unknown functionality of the file src-tauri/src/proxy/server.rs of the component ProxyServer. The manipulation results in permissive cross-domain policy with untrusted domains. The attack can ...

EUVD-2025-25182

Malicious code in bioql PyPI...

EUVD-2025-25181

Malicious code in bioql PyPI...

GHSA-P632-58PP-C9XG moonshine Stored Cross-Site Scripting Vulnerability in Create Article

A stored cross-site scripting XSS vulnerability in the Create Article function of MoonShine v3.12.3 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Link parameter...

GHSA-RH9F-GR6Q-MPC4 moonshine Stored Cross-Site Scripting Vulnerability in Create Admin

A stored cross-site scripting XSS vulnerability in the Create Admin function of MoonShine v3.12.3 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter...

moonshine Stored Cross-Site Scripting Vulnerability in Create Admin

A stored cross-site scripting XSS vulnerability in the Create Admin function of MoonShine v3.12.3 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter...

Moonshine 安全漏洞

Moonshine is a MoonShine open source admin panel software. A security vulnerability exists in Moonshine version v3.12.3, which stems from a parameter injection that could lead to a stored cross-site scripting attack...

Moonshine 安全漏洞

Moonshine is a MoonShine open source admin panel software. A security vulnerability exists in Moonshine version v3.12.3, which stems from a parameter injection that could lead to a stored cross-site scripting attack...

PT-2025-33738 · Moonshine · Moonshine

Name of the Vulnerable Software and Affected Versions: MoonShine version 3.12.3 Description: A stored cross-site scripting XSS vulnerability exists in the Create Article function. Attackers can execute arbitrary web scripts or HTML by injecting a crafted payload into the Link parameter...

CVE-2024-48045

Missing Authorization vulnerability in HappyMonster Happy Addons for Elementor happy-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Happy Addons for Elementor: from n/a through = 3.12.3...

AZL-54042 CVE-2024-12254 affecting package python3 for versions less than 3.12.3-5

Starting in Python 3.12.0, the asyncio.SelectorSocketTransport.writelines method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the "high-water mark". Because of this, Protocols would not periodically drain the write buffer...

CVE-2024-48045

Missing Authorization vulnerability in Leevio Happy Addons for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Happy Addons for Elementor: from n/a through 3.12.3...

WordPress plugin Happy Addons for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-32964 · Elementor · Happy Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Happy Addons for Elementor versions 3.12.3 and earlier Description: The issue is related to a Missing Authorization vulnerability, allowing exploitation of incorrectly configured access control security levels. This enables unauthorized acces...

The Snowflake Connector for Python stores sensitive data in logs

Issue Snowflake recently learned about and remediated a set of vulnerabilities in the Snowflake Connector for Python. Under specific conditions, certain users credentials or portions of those credentials were logged locally by the Connector to the users own systems. The credentials were not logge...

CVE-2024-49750 Snowflake Connector for Python has sensitive data in logs

The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Prior to version 3.12.3, when the logging level was set by the user to DEBUG, the Connector could have logged Duo passcodes when specified...

PT-2024-33662 · Snowflake · Snowflake Connector For Python

Name of the Vulnerable Software and Affected Versions: Snowflake Connector for Python versions prior to 3.12.3 Description: The issue concerns the logging of sensitive information by the Snowflake Connector for Python. When the logging level is set to DEBUG, the Connector may log Duo passcodes,...

CVE-2024-6232 affecting package python3 for versions less than 3.12.3-4

CVE-2024-6232 affecting package python3 for versions less than 3.12.3-4. A patched version of the package is available...

WordPress Happy Elementor Addons plugin <= 3.12.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Happy Addons for Elementor versions = 3.12.3...