17 matches found
EUVD-2023-37395
Malicious code in bioql PyPI...
EUVD-2023-27930
Malicious code in bioql PyPI...
EUVD-2023-27929
Malicious code in bioql PyPI...
EUVD-2024-38060
Malicious code in bioql PyPI...
EUVD-2023-27926
Malicious code in bioql PyPI...
EUVD-2023-27931
Malicious code in bioql PyPI...
CVE-2024-39534
CVE-2024-39534 affects Junos OS Evolved. An incorrect comparison in the local address verification API allows an unauthenticated, network-adjacent attacker to create sessions or send traffic using the subnet’s network and broadcast addresses, bypassing certain controls such as stateless firewall ...
CVE-2023-23766 Incorrect comparison vulnerability in GitHub Enterprise Server leading to commit smuggling
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff in a re-opened Pull Request. To do so, an attacker would need write access to the repository. This vulnerability affected all versions of GitHub Enterpris...
CVE-2023-23845 SolarWinds Platform Exposed Dangerous Method Vulnerability
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges...
CVE-2023-23840 SolarWinds Platform Exposed Dangerous Method Vulnerability
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges...
PT-2023-5576 · Solarwinds · Solarwinds Orion Platform
Name of the Vulnerable Software and Affected Versions: SolarWinds Orion Platform (affected versions not specified). Description: The issue is related to the use of dangerous methods or functions in the SolarWinds Orion Platform, which can allow an attacker to execute arbitrary commands with NETWORK...
Spoofing
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff within the GitHub pull request UI. To do so, an attacker would need write access to the repository. This vulnerability affected GitHub Enterprise Server...
CVE-2023-23843
The CVE-2023-23843 entry concerns SolarWinds Platform’s UpdateActionsProperties Incorrect Comparison vulnerability. It enables authenticated attackers with administrative access to SolarWinds Web Console to execute arbitrary code/commands; ZDI specifics indicate remote code execution in the conte...
PT-2023-4415 · Solarwinds · Solarwinds Orion Platform
Name of the Vulnerable Software and Affected Versions: SolarWinds Orion Platform (affected versions not specified). Description: The issue is related to an Incorrect Comparison Vulnerability in the SolarWinds Orion Platform, specifically in the BlacklistedFilesChecker class. This vulnerability allow...
GitHub: Smuggling content in PR with refs/replace in GitHub
An incorrect comparison vulnerability was found in GitHub Enterprise Server, allowing commit smuggling through the display of an incorrect diff in the GitHub pull request UI. This vulnerability required write access to the repository and affected versions 3.7.0 and above. It was fixed in versions...
GitHub Enterprise Server Security Vulnerability
GitHub Enterprise Server is a U.S. GitHub open source application. It provides a platform for setting up one's GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server that stems from the presence of an...
CVE-2022-22203
CVE-2022-22203 affects Juniper Networks Junos OS 19.4 (19.4R3-S4) on QFX5000 Series and EX4600/EX4650 platforms. Affected component: PFE (fxpc process). Root cause: Incorrect Comparison vulnerability that, when processing a specific hostbound packet, causes fxpc to crash and the FPC to reboot, en...