EUVD-2023-42699

Malicious code in bioql PyPI...

CVE-2023-42699

In omacp service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed...

CVE-2024-42699

creationtimestamp| type| source ---|---|--- 2025-04-21 17:02:03+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/12714 2025-04-21 18:09:20+00:00| seen| https://t.me/cvedetector/23444...

de.eonas.portal.demo:content (=0.1), de.eonas.portal.demo:templates (=0.1) +107 more potentially affected by CVE-2024-42699 via org.opencms:opencms-core (>=8.0.1 <=9.5.3)

org.opencms:opencms-core MAVEN version =8.0.1, =8.5.1.1, =8.5.1.1, =8.0.1, =8.0.1, =8.0.4, =8.5.0, =8.0.1, =8.0.1, =8.0.1, =8.0.1, =8.0.1, =8.5.0, =8.5.2 and more Source cves: CVE-2024-42699 Source advisory: SNYK:JAVA-ORGOPENCMS-9802334...

CVE-2024-42699

Cross Site Scripting vulnerability in Create/Modify article function in Alkacon OpenCMS 17.0 allows remote attacker to inject javascript payload via image title sub-field in the image field...

CVE-2023-42699

creationtimestamp| type| source ---|---|--- 2023-12-22 13:56:45+00:00| seen| https://t.me/ctinow/158386...

CVE-2023-42699

CVE-2023-42699 concerns the omacp service. A missing permission check could allow writing permission usage records for an app, enabling local information disclosure without additional execution privileges. Public sources summarize the issue and impact (local information disclosure) but do not pro...

CVE-2022-42699

creationtimestamp| type| source ---|---|--- 2022-12-07 02:41:05+00:00| seen| https://t.me/cibsecurity/54111...

CVE-2022-42699

Auth. Remote Code Execution vulnerability in Easy WP SMTP plugin = 1.5.1 on WordPress...

CVE-2022-42699

CVE-2022-42699 affects the WordPress Easy WP SMTP plugin (versions 1.5.1 and earlier). The vulnerability is authenticated remote code execution in the plugin’s auth component. CVE details indicate a network-exposed vector with low attack complexity, requiring low privileges and no user interactio...

CVE-2022-42699 WordPress Easy WP SMTP Plugin <= 1.5.1 is vulnerable to Remote Code Execution (RCE)

Auth. Remote Code Execution vulnerability in Easy WP SMTP plugin = 1.5.1 on WordPress...

CVE-2022-42699 WordPress Easy WP SMTP Plugin <= 1.5.1 is vulnerable to Remote Code Execution (RCE)

Auth. Remote Code Execution vulnerability in Easy WP SMTP plugin = 1.5.1 on WordPress...

CVE-2021-42699

creationtimestamp| type| source ---|---|--- 2021-11-05 19:26:44+00:00| seen| https://t.me/cibsecurity/31902...

CVE-2021-42699

CVE-2021-42699 affects DAQFactory, where cookie information can be transmitted in cleartext over HTTP. This enables an attacker who can capture network traffic to obtain a user’s cookie and potentially hijack the session. Connected sources indicate affected product is DAQFactory (all versions up ...

CVE-2021-42699 AzeoTech DAQFactory

The affected product is vulnerable to cookie information being transmitted as cleartext over HTTP. An attacker can capture network traffic, obtain the user’s cookie and take over the account...

AzeoTech DAQFactory

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: AzeoTech Equipment: DAQFactory Vulnerabilities: Use of Inherently Dangerous Function, Deserialization of Untrusted Data, Cleartext Transmission of Sensitive Information, Modification of Assumed-Immutable Data MAID 2. RISK...