260 matches found
EUVD-2017-16710
Malware in sbrugna...
EUVD-2018-4080
Malware in sbrugna...
EUVD-2018-1905
Malware in sbrugna...
EUVD-2007-6021
Malware in sbrugna...
EUVD-2024-53000
Malicious code in bioql PyPI...
EUVD-2025-4180
Malicious code in bioql PyPI...
EUVD-2025-4179
Malicious code in bioql PyPI...
EUVD-2025-4181
Malicious code in bioql PyPI...
EUVD-2025-11143
Malicious code in bioql PyPI...
CVE-2025-27238
Due to a bug in Zabbix API, the hostprototype.get method lists all host prototypes to users that do not have any user groups assigned to them...
BIT-NIFI-2022-33140 Improper Neutralization of Command Elements in Shell User Group Provider
The optional ShellUserGroupProvider in Apache NiFi 1.10.0 to 1.16.2 and Apache NiFi Registry 0.6.0 to 1.16.2 does not neutralize arguments for group resolution commands, allowing injection of operating system commands on Linux and macOS platforms. The ShellUserGroupProvider is not included in the...
CVE-2025-27238
Due to a bug in Zabbix API, the hostprototype.get method lists all host prototypes to users that do not have any user groups assigned to them...
CVE-2025-27238
Due to a bug in Zabbix API, the hostprototype.get method lists all host prototypes to users that do not have any user groups assigned to them...
DEBIAN-CVE-2025-27238
Due to a bug in Zabbix API, the hostprototype.get method lists all host prototypes to users that do not have any user groups assigned to them...
CVE-2025-27238
Due to a bug in Zabbix API, the hostprototype.get method lists all host prototypes to users that do not have any user groups assigned to them...
UBUNTU-CVE-2025-27238
Due to a bug in Zabbix API, the hostprototype.get method lists all host prototypes to users that do not have any user groups assigned to them...
CVE-2025-27238 API hostprototype.get lists data to users with insufficient authorization.
Due to a bug in Zabbix API, the hostprototype.get method lists all host prototypes to users that do not have any user groups assigned to them...
CVE-2025-51479
Authorization bypass in updateusergroup in onyx-dot-app Onyx Enterprise Edition 0.27.0 allows remote authenticated attackers to modify arbitrary user groups via crafted PATCH requests to the /api/manage/admin/user-group/id endpoint, bypassing intended curator-group assignment checks...
CVE-2025-51479
Authorization bypass in updateusergroup in onyx-dot-app Onyx Enterprise Edition 0.27.0 allows remote authenticated attackers to modify arbitrary user groups via crafted PATCH requests to the /api/manage/admin/user-group/id endpoint, bypassing intended curator-group assignment checks...
Onyx 安全漏洞
Onyx is an AI big modeling platform open-sourced by Onyx. A security vulnerability exists in Onyx version 0.27.0, which stems from an authorization bypass vulnerability in updateusergroup that could lead to modifying arbitrary user groups...