59 matches found
EUVD-2023-32758
Malicious code in bioql PyPI...
EUVD-2025-8727
Malicious code in bioql PyPI...
EUVD-2024-2966
Malicious code in bioql PyPI...
CVE-2024-49381
Plenti, a static site generator, has an arbitrary file deletion vulnerability in versions prior to 0.7.2. The /postLocal endpoint is vulnerable to an arbitrary file write deletion when a plenti user serves their website. This issue may lead to information loss. Version 0.7.2 fixes the vulnerabili...
CVE-2023-39538
AMI AptioV contains a vulnerability in BIOS where a User may cause an unrestricted upload of a BMP Logo file with dangerous type by Local access. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability...
CVE-2025-2223
CWE-20: Improper Input Validation vulnerability exists that could cause a loss of Confidentiality, Integrity and Availability of engineering workstation when a malicious project file is loaded by a user from the local system...
MD5 Hash Collision in DocugamiReader Overwrites Structurally Distinct Chunks with Identical Text
Description: The DocugamiReader class in llamaindex retrieves structured XML documents from the Docugami API, parses them into semantic chunks, and converts them into Document objects. To assign consistent IDs to each chunk, the following logic is used: hashedid =...
CVE-2025-3019
KNIME Business Hub is affected by several cross-site scripting vulnerabilities in its web pages. If a user clicks on a malicious link or opens a malicious web page, arbitrary JavaScript may be executed with this user's permissions. This can lead to information loss and/or modification of existin...
CVE-2025-3019
KNIME Business Hub is affected by several cross-site scripting vulnerabilities in its web pages. If a user clicks on a malicious link or opens a malicious web page, arbitrary JavaScript may be executed with this user's permissions. This can lead to information loss and/or modification of existin...
CVE-2025-3019
Summary: CVE-2025-3019 refers to cross-site scripting vulnerabilities in KNIME Business Hub web pages driven by a bug in the nuxt-security module. Affected software: KNIME Business Hub (web pages). Root cause: Vulnerabilities arise from a bug in the nuxt-security module referenced in multiple sou...
CVE-2025-3019 Cross-site scripting vulnerabilities in KNIME Business Hub web pages
KNIME Business Hub is affected by several cross-site scripting vulnerabilities in its web pages. If a user clicks on a malicious link or opens a malicious web page, arbitrary JavaScript may be executed with this user's permissions. This can lead to information loss and/or modification of existin...
CVE-2025-27094
Tuleap is an open-source suite designed to improve software development management and collaboration. A malicious user with access to a tracker could force-reset certain field configurations, leading to potential information loss. The display time attribute for the date field, the size attribute...
CVE-2025-27094
Tuleap is an open-source suite designed to improve software development management and collaboration. A malicious user with access to a tracker could force-reset certain field configurations, leading to potential information loss. The display time attribute for the date field, the size attribute...
CVE-2025-27094 Tuleap allows default values to be cleared from field configuration
Tuleap is an open-source suite designed to improve software development management and collaboration. A malicious user with access to a tracker could force-reset certain field configurations, leading to potential information loss. The display time attribute for the date field, the size attribute...
CVE-2025-27094
CVE-2025-27094 affects Tuleap Community Edition 16.4.99.1739806825–16.4.99.1739877910 and Tuleap Enterprise Edition prior to 16.3-9 or 16.4-4. The issue allows a user with tracker access to force-reset certain field configurations, leading to potential information loss; specific attributes for da...
CVE-2025-27094 Tuleap allows default values to be cleared from field configuration
Tuleap is an open-source suite designed to improve software development management and collaboration. A malicious user with access to a tracker could force-reset certain field configurations, leading to potential information loss. The display time attribute for the date field, the size attribute...
PT-2025-9509 · Unknown · Tuleap Community Edition +1
Name of the Vulnerable Software and Affected Versions: Tuleap Community Edition versions 16.4.99.1739806825 through 16.4.99.1739877910; Tuleap Enterprise Edition versions prior to 16.3-9; Tuleap Enterprise Edition versions prior to 16.4-4. Description: A malicious user with access to a tracker could...
GHSA-6H8W-HRFP-PFFX Plenti arbitrary file deletion vulnerability
Plenti, a static site generator, has an arbitrary file deletion vulnerability in versions prior to 0.7.2. The /postLocal endpoint is vulnerable to an arbitrary file write deletion when a plenti user serves their website. This issue may lead to information loss. Version 0.7.2 fixes the vulnerabili...
CVE-2024-49381
Plenti, a static site generator, has an arbitrary file deletion vulnerability in versions prior to 0.7.2. The /postLocal endpoint is vulnerable to an arbitrary file write deletion when a plenti user serves their website. This issue may lead to information loss. Version 0.7.2 fixes the vulnerabili...
CVE-2024-49381 Plenti arbitrary file deletion vulnerability
Plenti, a static site generator, has an arbitrary file deletion vulnerability in versions prior to 0.7.2. The /postLocal endpoint is vulnerable to an arbitrary file write deletion when a plenti user serves their website. This issue may lead to information loss. Version 0.7.2 fixes the vulnerabili...