70 matches found
Langflow: DoS Through Lack of File Size Restriction via Deprecated Unauthenticated File Upload API
A security flaw has been discovered in langflow-ai langflow up to 1.1.0. This issue affects the function createuploadfile of the file src/backend/base/Langflow/api/v1/endpoints.py of the component API Endpoint. The manipulation results in unrestricted upload. It is possible to launch the attack...
netty-security-poc
Netty Security PoC — Deprecated API Risk & Patched API Validat...
EUVD-2024-29555
Malicious code in bioql PyPI...
EUVD-2024-29557
Malicious code in bioql PyPI...
EUVD-2022-7509
Malicious code in bioql PyPI...
EUVD-2023-36803
Malicious code in bioql PyPI...
EUVD-2024-41280
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-31417
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Elasticsearch generally filters out sensitive information and credentials before logging to the audit log. It was found that this filtering was not applied when...
CVE-2024-31684
Incorrect access control in the fingerprint authentication mechanism of Bitdefender Mobile Security v4.11.3-gms allows attackers to bypass fingerprint authentication due to the use of a deprecated API...
CVE-2024-31682
Incorrect access control in the fingerprint authentication mechanism of Phone Cleaner: Boost & Clean v2.2.0 allows attackers to bypass fingerprint authentication due to the use of a deprecated API...
BIT-NODE-MIN-2023-32558
The use of the deprecated API process.binding can bypass the permission model through path traversal. This vulnerability affects all users using the experimental permission model in Node.js 20.x. Please note that at the time this CVE was issued, the permission model is an experimental feature of...
CVE-2024-45036
Tophat is a mobile applications testing harness. An Improper Access Control vulnerability can expose the TOPHATAPPTOKEN token stored in /.tophatrc through use of a malicious Tophat URL controlled by the attacker. The vulnerability allows Tophat to send this token to the attacker's server without...
GO-2022-0490 Uses of deprecated API can be used to cause DoS in user-facing endpoints in github.com/argoproj/argo-events
Uses of deprecated API can be used to cause DoS in user-facing endpoints in github.com/argoproj/argo-events...
CVE-2024-36416 SuiteCRM v4 API Excessive log data DOS
SuiteCRM is an open-source Customer Relationship Management CRM software application. Prior to versions 7.14.4 and 8.6.1, a deprecated v4 API example with no log rotation allows denial of service by logging excessive data. Versions 7.14.4 and 8.6.1 contain a fix for this issue...
CVE-2024-31682
Incorrect access control in the fingerprint authentication mechanism of Phone Cleaner: Boost & Clean v2.2.0 allows attackers to bypass fingerprint authentication due to the use of a deprecated API...
CVE-2024-31684
Incorrect access control in the fingerprint authentication mechanism of Bitdefender Mobile Security v4.11.3-gms allows attackers to bypass fingerprint authentication due to the use of a deprecated API...
CVE-2024-31682
Incorrect access control in the fingerprint authentication mechanism of Phone Cleaner: Boost & Clean v2.2.0 allows attackers to bypass fingerprint authentication due to the use of a deprecated API...
CVE-2024-31682
Incorrect access control in the fingerprint authentication mechanism of Phone Cleaner: Boost & Clean v2.2.0 allows attackers to bypass fingerprint authentication due to the use of a deprecated API...
CVE-2024-31684
Incorrect access control in the fingerprint authentication mechanism of Bitdefender Mobile Security v4.11.3-gms allows attackers to bypass fingerprint authentication due to the use of a deprecated API...
CVE-2024-31684
Incorrect access control in the fingerprint authentication mechanism of Bitdefender Mobile Security v4.11.3-gms allows attackers to bypass fingerprint authentication due to the use of a deprecated API...