18 matches found
EUVD-2023-2651
Malicious code in bioql PyPI...
EUVD-2023-2827
Malicious code in bioql PyPI...
CVE-2023-44794
An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL...
GHSA-54F6-9MX9-86F7 SaToken privilege escalation vulnerability
An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL...
CVE-2023-43961
An issue in Dromara SaToken version 1.3.50RC and before when using Spring dynamic controllers, a specially crafted request may cause an authentication bypass...
CVE-2023-44794
An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL...
CVE-2023-44794
An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL...
CVE-2023-44794
An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL...
CVE-2023-43961
An issue in Dromara SaToken version 1.3.50RC and before when using Spring dynamic controllers, a specially crafted request may cause an authentication bypass...
Authentication flaw
An issue in Dromara SaToken version 1.3.50RC and before when using Spring dynamic controllers, a specially crafted request may cause an authentication bypass...
Design/Logic Flaw
An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL...
CVE-2023-43961
An issue in Dromara SaToken version 1.3.50RC and before when using Spring dynamic controllers, a specially crafted request may cause an authentication bypass...
CVE-2023-44794
An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL...
CVE-2023-44794
An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL...
CVE-2023-43961
An issue in Dromara SaToken version 1.3.50RC and before when using Spring dynamic controllers, a specially crafted request may cause an authentication bypass...
CVE-2023-44794
CVE-2023-44794 affects Dromara SaToken 1.36.0 and earlier. A remote attacker can escalate privileges by sending a crafted payload to the vulnerable URL, as described across multiple advisories (NVD, OSV, GHSA, IBM bulletin). The core impact stated is privilege escalation with high severity (CVSS ...
PT-2023-29052 · Dromara · Dromara Satoken
Name of the Vulnerable Software and Affected Versions:
Dromara SaToken versions 1.3.50RC and earlier
Description: An issue in Dromara SaToken when using Spring dynamic controllers may cause an authentication bypass due to a specially crafted request.
Recommendations: For Dromara SaToken versions...
PT-2023-29297 · Dromara +1 · Dromara Satoken +1
Name of the Vulnerable Software and Affected Versions:
Dromara SaToken versions 1.36.0 and earlier
IBM Sterling Connect Direct Web Services versions 6.0, 6.1.0, 6.2.0, 6.3.0
IBM Sterling Connect Direct Web Services Certified Container versions All
Description: An issue allows a remote attacker to...