Malicious code in user_migration (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a952d55363362a942ec86eee421ffd30f1de7fbc2e9575ea1a37eaae9a73603 The package usermigration was found to contain malicious code...

EUVD-2024-50629

Malicious code in bioql PyPI...

CVE-2024-12151

Incorrect permission assignment in the user migration feature in Devolutions Server 2024.3.8.0 and earlier allows users to retain their old permission sets...

CVE-2022-41933

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. When the reset a forgotten password feature of XWiki was used, the password was then stored in plain text in database. This only concerns XWiki 13.1RC1 and newer versions. Note that it only...

CVE-2024-12151

Incorrect permission assignment in the user migration feature in Devolutions Server 2024.3.8.0 and earlier allows users to retain their old permission sets...

CVE-2024-12151

Incorrect permission assignment in the user migration feature in Devolutions Server 2024.3.8.0 and earlier allows users to retain their old permission sets...

CVE-2024-12151

CVE-2024-12151 affects Devolutions Server (versions 2024.3.8.0 and earlier) due to an incorrect permission assignment in the User Migration feature, allowing users to retain their old permission sets. The vulnerable component is the User Migration feature; root cause: incorrect permission handlin...

CVE-2024-12151

Incorrect permission assignment in the user migration feature in Devolutions Server 2024.3.8.0 and earlier allows users to retain their old permission sets...

CVE-2024-12151

Incorrect permission assignment in the user migration feature in Devolutions Server 2024.3.8.0 and earlier allows users to retain their old permission sets...

Devolutions Server 产品安全漏洞

Devolutions Server is an application from Devolutions Canada Inc. which provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server version 2024.3.8.0 and prior versions, which stems from an incorrect assignment of privileges in...

PT-2024-17459 · Devolutions · Devolutions Server

Name of the Vulnerable Software and Affected Versions: Devolutions Server versions 2024.3.8.0 and earlier Description: The issue is related to incorrect permission assignment in the user migration feature, allowing users to retain their old permission sets. This affects the security of the system...

L2Migrator allows a user to migrate once through claimStake() and once through finalizeMigrateDelegator()

Handle Ruhum Vulnerability details Impact There are two ways to migrate from L1 to L2. Either through the cross-chain or the snapshot migration, as specified here But, a user is able to migrate twice by using both options. Proof of Concept The issue is that the migratedDelegator map is not used...

Facebook’s Mandatory Data-Sharing Rules for WhatsApp Spark Ire

WhatsApp is asking users to accept a new privacy policy that will share all of their data with Facebook beginning Feb. 8, a move that has users sounding an alarm once again about the privacy of their information in the hands of the social media giant. The Facebook-owned messaging service already...

Server: user_migrate: Local file disclosure

Incomplete blacklist vulnerability in lib/migrate.php in ownCloud before 4.0.13 and 4.5.8 allows an authenticated remote attacker to import arbitrary files on the server inside his user account. For more information please consult the official advisory. This advisory is licensed CC BY-SA 4.0...

Security update 1970-01-01

...