110 matches found
CVE-2026-55412
ToolJet is the open-source foundation am AI-native platform for building and deploying internal tools, workflows and AI agents. Prior to 3.20.178-lts, there's an SSRF in the RestAPI data source component. The RestAPI data source executes HTTP requests server-side, and its private IP filter only...
CVE-2026-55412 ToolJet Cloud - SSRF to Azure Cloud Infrastructure Compromise
ToolJet is the open-source foundation am AI-native platform for building and deploying internal tools, workflows and AI agents. Prior to 3.20.178-lts, there's an SSRF in the RestAPI data source component. The RestAPI data source executes HTTP requests server-side, and its private IP filter only...
EUVD-2026-39469
ToolJet is the open-source foundation am AI-native platform for building and deploying internal tools, workflows and AI agents. Prior to 3.20.178-lts, there's an SSRF in the RestAPI data source component. The RestAPI data source executes HTTP requests server-side, and its private IP filter only...
CVE-2023-31208
Improper neutralization of livestatus command delimiters in the RestAPI in Checkmk 2.0.0p36, 2.1.0p28, and 2.2.0b8 beta allows arbitrary livestatus command execution for authorized users...
PT-2025-41173
Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain versions 7.7.1.0 through 8.1.0.10 Dell PowerProtect Data Domain versions 7.13.1.0 through 7.13.1.25 Dell PowerProtect Data Domain versions 7.10.1.0 through 7.10.1.50 Description The Dell PowerProtect Data Domain...
EUVD-2023-35523
Malicious code in bioql PyPI...
EUVD-2022-51017
Malicious code in bioql PyPI...
EUVD-2022-51018
Malicious code in bioql PyPI...
EUVD-2025-10484
Malicious code in bioql PyPI...
EUVD-2025-19936
Malicious code in bioql PyPI...
EUVD-2023-27684
Malicious code in bioql PyPI...
EUVD-2024-49291
Malicious code in bioql PyPI...
EUVD-2024-51944
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-8606
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bypass of two factor authentication in RestAPI in Checkmk 2.3.0p16 and 2.2.0p34 allows authenticated users to bypass two factor authentication CVE-2024-8606 Not...
Linux Distros Unpatched Vulnerability : CVE-2023-31208
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper neutralization of livestatus command delimiters in the RestAPI in Checkmk 2.0.0p36, 2.1.0p28, and 2.2.0b8 beta allows arbitrary livestatus command...
CVE-2025-32918
Improper neutralization of Livestatus command delimiters in autocomplete endpoint within the RestAPI of Checkmk versions 2.4.0p6, 2.3.0p35, 2.2.0p44, and 2.1.0 EOL allows an authenticated user to inject arbitrary Livestatus commands...
CVE-2025-32918
Improper neutralization of Livestatus command delimiters in autocomplete endpoint within the RestAPI of Checkmk versions 2.4.0p6, 2.3.0p35, 2.2.0p44, and 2.1.0 EOL allows an authenticated user to inject arbitrary Livestatus commands...
CVE-2025-32918 Livestatus injection in autocomplete endpoint
Improper neutralization of Livestatus command delimiters in autocomplete endpoint within the RestAPI of Checkmk versions 2.4.0p6, 2.3.0p35, 2.2.0p44, and 2.1.0 EOL allows an authenticated user to inject arbitrary Livestatus commands...
CVE-2025-32918 Livestatus injection in autocomplete endpoint
Improper neutralization of Livestatus command delimiters in autocomplete endpoint within the RestAPI of Checkmk versions 2.4.0p6, 2.3.0p35, 2.2.0p44, and 2.1.0 EOL allows an authenticated user to inject arbitrary Livestatus commands...
CVE-2025-32918
CVE-2025-32918 affects Checkmk where the Livestatus delimiter is improperly neutralized in the RestAPI autocomplete endpoint. This allows an authenticated user to inject arbitrary Livestatus commands. Affected versions are Checkmk <2.4.0p6, <2.3.0p35,