Security Bulletin: IBM watsonx Orchestrate Developer Edition is vulnerable to Exposed Dangerous Method or Function, Origin Validation Error due to webpack-dev-server

Summary webpack-dev-server is used by IBM watsonx Orchestrate Developer Edition as part of wxo-chat Vulnerability Details CVEID:CVE-2025-30359 DESCRIPTION: webpack-dev-server allows users to use webpack with a development server that provides live reloading. Prior to version 5.2.1,...

CVE-2025-47353 Exposed Dangerous Method or Function in Automotive Software platform based on QNX

Memory corruption while processing request sent from GVM...

EUVD-2024-26024

Malicious code in bioql PyPI...

Exposed Dangerous Method or Function

Overview org.webjars.npm:webpack-dev-server is an Uses webpack with a development server that provides live reloading. It should be used for development only. Affected versions of this package are vulnerable to Exposed Dangerous Method or Function via the webpackmodules object. An attacker can...

Exposed Dangerous Method or Function

Overview typo3/cms-form is a Form Library, Plugin and Editor Affected versions of this package are vulnerable to Exposed Dangerous Method or Function via the backend user interface functionality involving deep links. An attacker can manipulate or delete persisted form definitions by deceiving a...

CVE-2024-28962

Dell Command | Update, Dell Update, and Alienware Update UWP, versions prior to 5.4, contain an Exposed Dangerous Method or Function vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service...

CVE-2024-28962

Dell Command | Update, Dell Update, and Alienware Update UWP, versions prior to 5.4, contain an Exposed Dangerous Method or Function vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service...

CVE-2024-28962

Dell Command | Update, Dell Update, and Alienware Update UWP, versions prior to 5.4, contain an Exposed Dangerous Method or Function vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service...

CVE-2024-28962

Dell Command | Update, Dell Update, and Alienware Update UWP, versions prior to 5.4, contain an Exposed Dangerous Method or Function vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service...

Dell Update和Dell Alienware Update 安全漏洞

Dell Update and Dell Alienware Update are both an update driver from Dell USA Inc. A security vulnerability exists in Dell Update versions prior to 5.4 and Dell Alienware Update versions prior to 5.4, which arises from the inclusion of an exposed dangerous method or feature vulnerability. An...

(Pwn2Own) QNAP TS-464 Exposed Dangerous Method Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of QNAP TS-464 NAS devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the privWizard.cgi endpoint. The issue results from an exposed dangerous method. An...

CVE-2023-51582

Voltronic Power ViewPower LinuxMonitorConsole Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulnerability. Th...

CVE-2023-51581

Voltronic Power ViewPower MacMonitorConsole Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulnerability. The...

CVE-2023-51577

Voltronic Power ViewPower contains a local privilege escalation in the setShutdown method. The flaw arises from an exposed dangerous method that allows a low-privileged attacker who can run code locally to escalate to SYSTEM and execute arbitrary code. This is documented across multiple sources (...

CVE-2023-51577 Voltronic Power ViewPower setShutdown Exposed Dangerous Method Local Privilege Escalation Vulnerability

Voltronic Power ViewPower setShutdown Exposed Dangerous Method Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Voltronic Power ViewPower. An attacker must first obtain the ability to execute low-privileged cod...

CVE-2023-42032 Visualware MyConnection Server doRTAAccessUPass Exposed Dangerous Method Information Disclosure Vulnerability

Visualware MyConnection Server doRTAAccessUPass Exposed Dangerous Method Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Visualware MyConnection Server. Authentication is not required to exploit this...

Exposed Dangerous Method or Function

Overview Affected versions of this package are vulnerable to Exposed Dangerous Method or Function due to insufficient validation of public methods on Command classes. An attacker can invoke more methods than should be allowed by exploiting the lack of robust checks on method permissions. Workarou...

PT-2024-10089 · Drupal · Drupal Swift Mailer

Name of the Vulnerable Software and Affected Versions: Drupal Swift Mailer versions . Description: The issue is related to an Exposed Dangerous Method or Function vulnerability in Drupal Swift Mailer, which allows Resource Location Spoofing. This can be exploited by a remote attacker to perform...

(0Day) Voltronic Power ViewPower USBCommEx shutdown Exposed Dangerous Method Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. User interaction is required to exploit this vulnerability in that an administrator must trigger a shutdown operation. The specific flaw exists within the shutdown...

(0Day) Voltronic Power ViewPower MonitorConsole Exposed Dangerous Method Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MonitorConsole class. The issue results from an exposed...