30 matches found
EUVD-2024-45396
Malicious code in bioql PyPI...
EUVD-2024-45398
Malicious code in bioql PyPI...
EUVD-2024-45394
Malicious code in bioql PyPI...
EUVD-2024-45397
Malicious code in bioql PyPI...
EUVD-2024-45395
Malicious code in bioql PyPI...
CVE-2024-51560
This vulnerability exists in the Wave 2.0 due to improper exception handling for invalid inputs at certain API endpoint. An authenticated remote attacker could exploit this vulnerability by providing invalid inputs for “userId” parameter in the API request leading to generation of error message...
CVE-2024-51558
This vulnerability exists in the Wave 2.0 due to missing restrictions for excessive failed authentication attempts on its API based login. A remote attacker could exploit this vulnerability by conducting a brute force attack against legitimate user OTP, MPIN or password, which could lead to gain...
CVE-2024-51559
This vulnerability exists in the Wave 2.0 due to improper authorization checks on certain API endpoints. An authenticated remote attacker could exploit this vulnerability by manipulating API input parameters to gain unauthorized access and perform malicious activities on other user accounts...
CVE-2024-51557
This vulnerability exists in the Wave 2.0 due to missing rate limiting on OTP requests in an API endpoint. An authenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoint which could lead to the OTP bombing/flooding on the targeted...
CVE-2024-51559
This vulnerability exists in the Wave 2.0 due to improper authorization checks on certain API endpoints. An authenticated remote attacker could exploit this vulnerability by manipulating API input parameters to gain unauthorized access and perform malicious activities on other user accounts...
CVE-2024-51558
This vulnerability exists in the Wave 2.0 due to missing restrictions for excessive failed authentication attempts on its API based login. A remote attacker could exploit this vulnerability by conducting a brute force attack against legitimate user OTP, MPIN or password, which could lead to gain...
CVE-2024-51557
This vulnerability exists in the Wave 2.0 due to missing rate limiting on OTP requests in an API endpoint. An authenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoint which could lead to the OTP bombing/flooding on the targeted...
CVE-2024-51560
This vulnerability exists in the Wave 2.0 due to improper exception handling for invalid inputs at certain API endpoint. An authenticated remote attacker could exploit this vulnerability by providing invalid inputs for “userId” parameter in the API request leading to generation of error message...
CVE-2024-51556
This vulnerability exists in the Wave 2.0 due to insufficient encryption of sensitive data received at the API response. An authenticated remote attacker could exploit this vulnerability by manipulating API input parameters through API request URL/payload leading to unauthorized access to sensiti...
CVE-2024-51560
The CVE-2024-51560 issue affects Wave 2.0, stemming from improper exception handling for invalid inputs in a specific API endpoint that processes the userId parameter. An authenticated remote attacker could trigger error messages that leak sensitive information about the targeted system. Document...
CVE-2024-51560 Improper Error Handling Vulnerability in Wave 2.0
This vulnerability exists in the Wave 2.0 due to improper exception handling for invalid inputs at certain API endpoint. An authenticated remote attacker could exploit this vulnerability by providing invalid inputs for “userId” parameter in the API request leading to generation of error message...
CVE-2024-51560 Improper Error Handling Vulnerability in Wave 2.0
This vulnerability exists in the Wave 2.0 due to improper exception handling for invalid inputs at certain API endpoint. An authenticated remote attacker could exploit this vulnerability by providing invalid inputs for “userId” parameter in the API request leading to generation of error message...
CVE-2024-51559 Improper Access Control Vulnerability in Wave 2.0
This vulnerability exists in the Wave 2.0 due to improper authorization checks on certain API endpoints. An authenticated remote attacker could exploit this vulnerability by manipulating API input parameters to gain unauthorized access and perform malicious activities on other user accounts...
CVE-2024-51559
The CVE-2024-51559 entry applies to Wave 2.0 and is supported by connected documents that describe a vulnerability caused by improper authorization checks on certain API endpoints. An authenticated remote attacker could exploit this by manipulating API input parameters (e.g., user_id) to gain una...
CVE-2024-51559 Improper Access Control Vulnerability in Wave 2.0
This vulnerability exists in the Wave 2.0 due to improper authorization checks on certain API endpoints. An authenticated remote attacker could exploit this vulnerability by manipulating API input parameters to gain unauthorized access and perform malicious activities on other user accounts...