16 matches found
EUVD-2025-24612
Malicious code in bioql PyPI...
SUSE CVE-2025-50946
OS Command Injection in Olivetin 2025.4.22 Custom Themes via the ParseRequestURI function in service/internal/executor/arguments.go...
GHSA-P3QF-84RG-JXFC OliveTin OS Command Injection vulnerability
OS Command Injection in Olivetin 2025.4.22 Custom Themes via the ParseRequestURI function in service/internal/executor/arguments.go...
OliveTin OS Command Injection vulnerability
OS Command Injection in Olivetin 2025.4.22 Custom Themes via the ParseRequestURI function in service/internal/executor/arguments.go...
CVE-2025-50946
OS Command Injection in Olivetin 2025.4.22 Custom Themes via the ParseRequestURI function in service/internal/executor/arguments.go...
CVE-2025-50946
OS Command Injection in Olivetin 2025.4.22 Custom Themes via the ParseRequestURI function in service/internal/executor/arguments.go...
PT-2025-33034
Name of the Vulnerable Software and Affected Versions Olivetin version 2025.4.22 Description OS Command Injection exists in Custom Themes through the ParseRequestURI function located in service/internal/executor/arguments.go. Recommendations At the moment, there is no information about a newer...
CVE-2025-50946
Summary: CVE-2025-50946 is an OS command injection vulnerability in OliveTin’s ParseRequestURI function (service/internal/executor/arguments.go) used by OliveTin 2025.4.22. Exploitation allows an unauthenticated attacker to execute arbitrary OS commands via crafted URIs. The vulnerability is conf...
CVE-2025-50946
OS Command Injection in Olivetin 2025.4.22 Custom Themes via the ParseRequestURI function in service/internal/executor/arguments.go...
CVE-2025-50946
OS Command Injection in Olivetin 2025.4.22 Custom Themes via the ParseRequestURI function in service/internal/executor/arguments.go...
BIT-DRUPAL-2022-25278
Under certain circumstances, the Drupal core form API evaluates form element access incorrectly. This may lead to a user being able to alter data they should not have access to. No forms provided by Drupal core are known to be vulnerable. However, forms added through contributed or custom modules...
UBUNTU-CVE-2022-25278
Under certain circumstances, the Drupal core form API evaluates form element access incorrectly. This may lead to a user being able to alter data they should not have access to. No forms provided by Drupal core are known to be vulnerable. However, forms added through contributed or custom modules...
CVE-2022-25278
Under certain circumstances, the Drupal core form API evaluates form element access incorrectly. This may lead to a user being able to alter data they should not have access to. No forms provided by Drupal core are known to be vulnerable. However, forms added through contributed or custom modules...
Drupal core - Moderately critical - Access Bypass - SA-CORE-2022-013
Under certain circumstances, the Drupal core form API evaluates form element access incorrectly. This may lead to a user being able to alter data they should not have access to. No forms provided by Drupal core are known to be vulnerable. However, forms added through contributed or custom modules...
Gateway page stuck after authentication on Chrome browser v100
- Citrix Gateway integration with Storefront -Custom Themes based on RFWEBUI, but may appear with others too - Observed at CVPN and Regular Storefront Integrations. -Chrome Version updated to 100.0.4896.60 Official Build 64-bit or later triggers the issue. - Page is stuck spinning circle...
Information Disclosure
Moodle is vulnerable to information disclosure. For installations that use custom themes that with blocks regions in the layout, a malicious user can view information on inaccessible courses when logging in...