61 matches found
CVE-2023-50458
In Dradis before 4.11.0, the Output Console shows a job queue that may contain information about other users' jobs...
CVE-2023-50786
Dradis through 4.16.0 allows referencing external image resources over HTTPS, instead of forcing the use of embedded uploaded images. This can be leveraged by an authorized author to attempt to steal the Net-NTLM hashes of other authors on a Windows domain network...
CVE-2023-31223
Dradis before 4.8.0 allows persistent XSS by authenticated author users, related to avatars...
EUVD-2019-9534
Malware in sbrugna...
EUVD-2019-15493
Malware in sbrugna...
EUVD-2023-55519
Malicious code in bioql PyPI...
EUVD-2023-55247
Malicious code in bioql PyPI...
EUVD-2023-35538
Malicious code in bioql PyPI...
MAL-2025-5771 Malicious code in dradis (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7954d52cb9efed1e6bca698b7419519943e5bfd49e00332c59356fef7afe6cf0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in dradis (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7954d52cb9efed1e6bca698b7419519943e5bfd49e00332c59356fef7afe6cf0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2023-50458
In Dradis before 4.11.0, the Output Console shows a job queue that may contain information about other users' jobs...
CVE-2023-50458
In Dradis before 4.11.0, the Output Console shows a job queue that may contain information about other users' jobs...
PT-2025-28975 · Dradis · Dradis
Name of the Vulnerable Software and Affected Versions: Dradis versions prior to 4.11.0 Description: The Dradis Output Console displays a job queue that may reveal information pertaining to jobs belonging to other users. Recommendations: Update to version 4.11.0 or later...
Dradis Framework Security Vulnerability
Dradis Framework is an open source collaboration framework for IT security from Dradis Framework. A security vulnerability exists in Dradis Framework versions prior to 4.11.0, which stems from the output console displaying a job queue that may contain information about other users' jobs...
CVE-2023-50458
Summary: CVE-2023-50458 affects Dradis before 4.11.0. The Output Console can expose a job queue that may contain information about other users’ jobs, representing a potential information disclosure. "What is affected": Dradis core software, prior to version 4.11.0. "Root cause / vulnerability typ...
CVE-2023-50458
In Dradis before 4.11.0, the Output Console shows a job queue that may contain information about other users' jobs...
CVE-2023-50458
In Dradis before 4.11.0, the Output Console shows a job queue that may contain information about other users' jobs...
CVE-2023-50786
Dradis through 4.16.0 allows referencing external image resources over HTTPS, instead of forcing the use of embedded uploaded images. This can be leveraged by an authorized author to attempt to steal the Net-NTLM hashes of other authors on a Windows domain network...
CVE-2023-50786
Dradis through 4.16.0 allows referencing external image resources over HTTPS, instead of forcing the use of embedded uploaded images. This can be leveraged by an authorized author to attempt to steal the Net-NTLM hashes of other authors on a Windows domain network...
Replay Attack
Overview dradis-nessus is an add-on that allows you to upload and parse output produced from Tenable's Nessus Scanner into Dradis. Affected versions of this package are vulnerable to Replay Attack via the handling of external image resources over HTTPS. An attacker can obtain Net-NTLM hashes of...