CVE-2026-45046 Gryph Agents Payload Filter Fails to Strip Tool Payload for Sensitive Content
Gryph provides a security layer for AI coding agents. Prior to 0.7.0, Gryph implements logging levels that determine what content is logged to a local sqlite database. The README incorrectly mentions that the default log level is minimal while it is standard. Source code review shows sensitive...
CVE-2023-45046
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pressference Pressference Exporter allows SQL Injection. This issue affects Pressference Exporter: from n/a through 1.0.3...
EUVD-2021-33999
Malicious code in bioql PyPI...
Security Bulletin: Multiple Vulnerabilities in IBM API Connect
Summary: Multiple vulnerabilities were addressed in IBM API Connect v10.0.9.0. Vulnerability Details: CVEID: CVE-2024-5535 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a buffer over-read flaw in the SSL_select_next_proto API function when calling with an empty supported client...
CVE-2024-45046
PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. In affected versions \PhpOffice\PhpSpreadsheet\Writer\Html doesn't sanitize spreadsheet styling information such as font names, allowing an attacker to inject arbitrary JavaScript on the page. As a result an attacker...
CVE-2024-45046
creationtimestamp | type | source
---|---|---
2024-08-28 14:47:12+00:00 | published-proof-of-concept | https://github.com/PHPOffice/PhpSpreadsheet/security/advisories/GHSA-wgmf-q9vr-vww6
2024-08-29 00:19:47+00:00 | seen | https://t.me/cvedetector/4359
2026-01-24 21:24:30+00:00 | seen | ...
CVE-2023-45046
CVE-2023-45046 affects the WordPress plugin Pressference Exporter (versions up to 1.0.3). The issue is an SQL Injection caused by improper neutralization of special elements in SQL commands. Public sources (Red Hat, NVD, Patchstack, Wordfence) indicate the vulnerability exists for Pressference Ex...
GLSA-202310-16 : Ubiquiti UniFi: remote code execution via bundled log4j
The remote host is affected by the vulnerability described in GLSA-202310-16 Ubiquiti UniFi: remote code execution via bundled log4j - JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provid...
WordPress Pressference Exporter Plugin <= 1.0.3 is vulnerable to SQL Injection
Software: Pressference Exporter; Type: Plugin; Vulnerable versions: <= 1.0.3; Fixed in: N/A; OWASP Top 10: A1: Injection; Classification: SQL Injection; CVE: CVE-2023-45046; Patch priority: Low; CVSS severity: Low (5.5); PSID: 80cf03614798; Credits: Nithissh S; Required privilege: Administrator...
Security Bulletin: IBM Decision Optimization for Cloud Pak for Data is vulnerable to denial of service due to Apache Log4j (CVE-2021-45105) and arbitrary code execution due to Apache Log4j (CVE-2021-45046)
Summary: There are multiple Apache Log4j vulnerabilities (CVE-2021-45105, CVE-2021-45046) impacting IBM Decision Optimization for Cloud Pak for Data, which uses Apache Log4j for logging. The fix includes Apache Log4j 2.17. Vulnerability Details: CVEID: CVE-2021-45105 DESCRIPTION: Apache Log4j is...
Security Bulletin: IBM Cloud Pak for Data is vulnerable to denial of service and arbitrary code execution due to Apache Log4j (CVE-2021-45105, CVE-2021-45046)
Summary: There are multiple Apache Log4j vulnerabilities (CVE-2021-45105, CVE-2021-45046) impacting IBM Cloud Pak for Data, which uses Apache Log4j for logging. The fix includes Apache Log4j 2.17. Vulnerability Details: CVEID: CVE-2021-45105 DESCRIPTION: Apache Log4j is vulnerable to a denial of servic...
Security Bulletin: IBM Cloud Pak System is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-45046, CVE-2021-44228)
Summary: Apache Log4j is used for logging in multiple components of the IBM Cloud Pak System (CPS) appliance: Logstash, VMware vCenter, IBM Hardware Management Console and product pattern type (pType). Arbitrary code execution vulnerabilities have been identified in Apache Log4j. Vulnerability Details...
Security Bulletin: Apache Log4j is vulnerable to CVE-2021-45105 and CVE-2021-45046 used in IBM Maximo Application Suite - Monitor Component
Summary: IBM Maximo Application Suite - Monitor Component uses Apache Log4j, which is vulnerable to CVE-2021-45105 and CVE-2021-45046. Vulnerability Details: CVEID: CVE-2021-45105 DESCRIPTION: Apache Log4j is vulnerable to a denial of service, caused by the failure to protect from uncontrolled...
Alert: Active Exploitation of TP-Link, Apache, and Oracle Vulnerabilities Detected
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three flaws to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The security vulnerabilities are as follows - CVE-2023-1389 (CVSS score: 8.8) - TP-Link Archer AX-21 Command Injection...
Security Bulletin: Automation Assets in IBM Cloud Pak for Integration is vulnerable to denial of service due to Apache Log4j CVE-2021-45046
Summary: Automation Assets in IBM Cloud Pak for Integration is vulnerable to CVE-2021-45046 with details below. Vulnerability Details: CVEID: CVE-2021-45046 DESCRIPTION: Apache Log4j could result in remote code execution, caused by an incomplete fix of CVE-2021-44228 in certain non-default...
Security Bulletin: Vulnerability in Apache Log4j affects Operations Dashboard (CVE-2021-45046)
Summary: The Operations Dashboard has addressed the following CVE-2021-45046 vulnerability. Vulnerability Details: CVEID: CVE-2021-45046 DESCRIPTION: Apache Log4j could result in remote code execution, caused by an incomplete fix of CVE-2021-44228 in certain non-default configurations. When the...
K34002344: Overview of Log4j vulnerabilities (2021 and 2022)
Security Advisory Description: This document is intended to serve as an overview of the 2021 and 2022 Log4j vulnerabilities to help determine the impact to your F5 devices. You can find the details of each issue in the associated security advisory. High CVEs Medium CVEs Not Vulnerable CVEs High CV...
Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring Installed WebSphere Application Server including Log4j
Summary: The following security issues have been identified in the WebSphere Application Server included as part of IBM Tivoli Monitoring (ITM) portal server. Vulnerability Details: CVEID: CVE-2021-45105 DESCRIPTION: Apache Log4j is vulnerable to a denial of service, caused by the failure to protect fr...