66 matches found
EUVD-2020-28149
Malware in sbrugna...
EUVD-2020-28155
Malware in sbrugna...
EUVD-2021-17815
Malware in sbrugna...
EUVD-2023-53818
Malicious code in bioql PyPI...
EUVD-2024-38246
Malicious code in bioql PyPI...
EUVD-2021-9291
Malicious code in bioql PyPI...
EUVD-2021-9295
Malicious code in bioql PyPI...
Splunk Enterprise 9.2.0 < 9.2.8, 9.3.0 < 9.3.6, 9.4.0 < 9.4.4 (SVD-2025-1002)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2025-1002 advisory. - In Splunk Enterprise versions below 9.4.4, 9.3.6 and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.109, 9.3.2408.1...
CVE-2025-20367
Affected software: Splunk Enterprise (versions below 9.4.4, 9.3.6, 9.2.8) and Splunk Cloud Platform (below 9.3.2411.109, 9.3.2408.119, 9.2.2406.122). Vulnerability: a low-privileged user can craft a malicious payload via the dataset.command parameter of the /app/search/table endpoint, resulting i...
Linux Distros Unpatched Vulnerability : CVE-2020-7018
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Elastic Enterprise Search before 7.9.0 contain a credential exposure flaw in the App Search interface. If a user is given the developer role, they will be able ...
CVE-2025-26464
In executeAppFunction of AppSearchManagerService.java, there is a possible background activity launch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to elevate privileges due to a logic error in the executeAppFunction function in AppSearchManagerService.java that...
Linux Distros Unpatched Vulnerability : CVE-2020-7011
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Elastic App Search versions before 7.7.0 contain a cross site scripting XSS flaw when displaying document URLs in the Reference UI. If the Reference UI injects ...
CVE-2023-41530
Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the appcontact parameter in appsearch.php...
CVE-2021-30898
An access issue was addressed with additional sandbox restrictions on third party applications. This issue is fixed in iOS 15 and iPadOS 15. A malicious application may be able to access some of the user's Apple ID information, or recent in-app search terms...
Malicious code in web-app-search (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ec79d580d43f835fcecc4698a0de40fde087ff79c80f5941edc641892528eb16 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-39817
Insertion of sensitive information into sent data issue exists in Cybozu Office 10.0.0 to 10.8.6, which may allow a user who can login to the product to view data that the user does not have access by conducting 'search' under certain conditions in Custom App...
PT-2024-28682 · Cybozu · Cybozu Office
Name of the Vulnerable Software and Affected Versions: Cybozu Office versions 10.0.0 through 10.8.6 Description: The issue allows a user who can login to the product to view data that the user does not have access to by conducting 'search' under certain conditions in Custom App. This is due to th...
CVE-2023-49923
An issue was discovered by Elastic whereby the Documents API of App Search logged the raw contents of indexed documents at INFO log level. Depending on the contents of such documents, this could lead to the insertion of sensitive or private information in the App Search logs. Elastic has released...
CVE-2023-49923
An issue was discovered by Elastic whereby the Documents API of App Search logged the raw contents of indexed documents at INFO log level. Depending on the contents of such documents, this could lead to the insertion of sensitive or private information in the App Search logs. Elastic has released...