33 matches found
SUSE CVE-2026-42211
React Router is a router for React. In versions 7.0.0 through 7.14.1, when using Framework Mode, a combination of steps could potentially allow unauthorized remote code execution (RCE) through external requests. This attack requires the application code to have an existing prototype pollution...
EUVD-2026-33999
React Router's vendored turbo-stream v2 allows arbitrary constructor invocation via TYPE_ERROR deserialization leading to Unauth RCE...
CVE-2026-42211
React Router is a router for React. In versions 7.0.0 through 7.14.1, when using Framework Mode, a combination of steps could potentially allow unauthorized remote code execution (RCE) through external requests. This attack requires the application code to have an existing prototype pollution...
CVE-2026-42211
React Router is a router for React. In versions 7.0.0 through 7.14.1, when using Framework Mode, a combination of steps could potentially allow unauthorized remote code execution (RCE) through external requests. This attack requires the application code to have an existing prototype pollution...
CVE-2026-42211 React Router's vendored turbo-stream v2 allows arbitrary constructor invocation via TYPE_ERROR deserialization leading to Unauth RCE
React Router is a router for React. In versions 7.0.0 through 7.14.1, when using Framework Mode, a combination of steps could potentially allow unauthorized remote code execution (RCE) through external requests. This attack requires the application code to have an existing prototype pollution...
PT-2026-45834
Name of the Vulnerable Software and Affected Versions: React Router versions 7.0.0 through 7.14.1. Description: When using Framework Mode, a sequence of actions could allow unauthorized remote code execution (RCE) via external requests. This occurs if the application code already contains a prototype...
Use of Predictable Algorithm in Random Number Generator
Overview: keylime is a TPM-based key bootstrapping and system integrity measurement system for cloud. Affected versions of this package are vulnerable to Use of Predictable Algorithm in Random Number Generator in the generatechallenge method. An attacker can evade detection and bypass security...
PT-2025-43960
Name of the Vulnerable Software and Affected Versions: MikroTik RouterOS version 7.14.2, MikroTik SwitchOS version 2.18. Description: An issue exists in MikroTik RouterOS and SwitchOS where the WebFig management interface is exposed over cleartext HTTP by default. This allows a remote attacker to...
EUVD-2023-58628
Malicious code in bioql PyPI...
BIT-SUITECRM-2023-6388 Suite CRM v7.14.2 - SSRF
Suite CRM version 7.14.2 allows making arbitrary HTTP requests through the vulnerable server. This is possible because the application is vulnerable to SSRF...
CVE-2024-1644
Suite CRM version 7.14.2 allows including local php files. This is possible because the application is vulnerable to LFI...
Code injection
Suite CRM version 7.14.2 allows including local php files. This is possible because the application is vulnerable to LFI...
SuiteCRM code issue vulnerability
SuiteCRM is a customer relationship management system from the SuiteCRM team. SuiteCRM 7.14.2 suffers from a code issue vulnerability that stems from the presence of a local file inclusion vulnerability. No detailed vulnerability details are provided at this time...
CVE-2024-1644
CVE-2024-1644 affects SuiteCRM v7.14.2, where a Local File Inclusion (LFI) vulnerability allows including local PHP files. Multiple connected sources describe the issue as a code vulnerability enabling LFI, with some references explicitly noting possible Remote Code Execution (RCE) via LFI. The r...
CVE-2023-6388
Suite CRM version 7.14.2 allows making arbitrary HTTP requests through the vulnerable server. This is possible because the application is vulnerable to SSRF...
PT-2024-3586 · Suitecrm · Suitecrm
Name of the Vulnerable Software and Affected Versions: Suite CRM version 7.14.2. Description: The issue is related to a Local File Inclusion (LFI) vulnerability, which allows an attacker to include local PHP files. This can enable a remote attacker to run or open files on the web server without havi...
CVE-2023-6130
Path Traversal: '..\filename' in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2...
CVE-2023-6131 Code Injection in salesagility/suitecrm
Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2...
CVE-2023-6130 Path Traversal: '\..\filename' in salesagility/suitecrm
Path Traversal: '..\filename' in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2...
CVE-2023-6130 Path Traversal: '\..\filename' in salesagility/suitecrm
Path Traversal: '..\filename' in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2...