CVE-2026-33531

InvenTree is an Open Source Inventory Management System. Prior to version 1.2.6, a path traversal vulnerability in the report template engine allows a staff-level user to read arbitrary files from the server filesystem via crafted template tags. Affected functions: encodesvgimage, asset, and...

CVE-2026-33531

creationtimestamp| type| source ---|---|--- 2026-03-26 19:16:15+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-33531 2026-03-27 21:00:04+00:00| published-proof-of-concept| Telegram/4Dok0lwXJBk164h58WI7MYFHPq5Lse38n7xHVnp6ML19Yk...

EUVD-2022-33531

Malicious code in bioql PyPI...

CVE-2024-33531

cdbattags lua-resty-jwt 0.2.3 allows attackers to bypass all JWT-parsing signature checks by crafting a JWT with an enc header with the value A256GCM...

Security Bulletin: IBM Cloud Pak for Data is vulnerable due to lua-resty (CVE-2024-33531)

Summary Lua is used by IBM Cloud Pak for Data as part of the web interface. CVE-2024-33531 Vulnerability Details CVEID:CVE-2024-33531 DESCRIPTION: lua-resty-jwt could allow a remote attacker to bypass security restrictions, caused by improper authentication validation. By sending a specially...

CVE-2024-33531

cdbattags lua-resty-jwt 0.2.3 allows attackers to bypass all JWT-parsing signature checks by crafting a JWT with an enc header with the value A256GCM...

CVE-2024-33531

CVE-2024-33531 affects lua-resty-jwt 0.2.3, allowing attackers to bypass all JWT-signature checks by crafting a token with an enc header value of A256GCM. The issue is documented across multiple IBM advisories and CVE aggregations, with no public exploitation details provided in the sources. Reme...

CVE-2024-33531

cdbattags lua-resty-jwt 0.2.3 allows attackers to bypass all JWT-parsing signature checks by crafting a JWT with an enc header with the value A256GCM...

CVE-2021-33531

In Weidmueller Industrial WLAN devices in multiple versions an exploitable use of hard-coded credentials vulnerability exists in multiple iw utilities. The device operating system contains an undocumented encryption password, allowing for the creation of custom diagnostic scripts. An attacker can...

CVE-2021-33531

The CVE-2021-33531 entry describes a vulnerability in Weidmueller Industrial WLAN devices where an undisclosed/undocumented encryption password enables hard-coded credentials in the device OS, allowing an attacker with low privileges to execute custom diagnostic scripts by sending them authentica...

HP Intelligent Management Center Arbitrary Code Execution Vulnerability (CNVD-2017-33531)

HP Intelligent Management Center IMC is a comprehensive management platform built from the ground up to support the Fault, Configuration, Accounting, Performance and Security FCAPS model. An arbitrary code execution vulnerability exists in HP Intelligent Management Center. A remote authenticated...