152 matches found
PT-2026-6882
Name of the Vulnerable Software and Affected Versions yeqifu warehouse versions prior to aaf29962ba407d22d991781de28796ee7b4670e4 Description A weakness exists due to improper authorization within the User Management Endpoint component. The issue is related to the addUser, updateUser, and...
SUSE SLES15: busybox / busybox-adduser / busybox-attr / busybox-bc / etc (SUSE-SU-2026:0236-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0236-1 advisory. This update for busybox fixes the following issues: Security issues: - CVE-2025-46394: Fixed tar hidden files via...
SUSE-SU-2026:0236-1 Security update for busybox
This update for busybox fixes the following issues: This update for busybox fixes the following issues: Security issues: - CVE-2025-46394: Fixed tar hidden files via escape sequence CVE-2025-46394, bsc1241661 - CVE-2025-60876: Fixed HTTP request header injection in wget CVE-2025-60876, bsc1253245...
CVE-2025-51744
An issue was discovered in jishenghua JSHERP 2.3.1. The /user/addUser endpoint is vulnerable to fastjson deserialization attacks...
CVE-2025-51744
An issue was discovered in jishenghua JSHERP 2.3.1. The /user/addUser endpoint is vulnerable to fastjson deserialization attacks...
PT-2025-48083
An issue was discovered in jishenghua JSH ERP 2.3.1. The /user/addUser endpoint is vulnerable to fastjson deserialization attacks...
CVE-2025-51744
An issue was discovered in jishenghua JSHERP 2.3.1. The /user/addUser endpoint is vulnerable to fastjson deserialization attacks...
CVE-2025-51744
CVE-2025-51744 affects jishenghua JSH_ERP 2.3.1. The /user/addUser endpoint is reported to be vulnerable to fastjson deserialization attacks. The CVSS 3.1 base score is 9.8 (CRITICAL) with network attack vector, no privileges required, no user interaction, and high impact on confidentiality, inte...
EUVD-2015-1036
Malware in sbrugna...
EUVD-2008-6548
Malware in sbrugna...
EUVD-2020-14138
Malware in sbrugna...
EUVD-2025-24135
Malicious code in bioql PyPI...
EUVD-2021-31255
Malicious code in bioql PyPI...
EUVD-2023-1142
Malicious code in bioql PyPI...
CVE-2025-8839
A vulnerability was found in jshERP up to 3.5. This issue affects some unknown processing of the file /jshERP-boot/user/addUser of the component Endpoint. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may b...
CVE-2025-8839
A vulnerability was found in jshERP up to 3.5. This issue affects some unknown processing of the file /jshERP-boot/user/addUser of the component Endpoint. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may b...
CVE-2025-8839 jshERP Endpoint addUser improper authorization
A vulnerability was found in jshERP up to 3.5. This issue affects some unknown processing of the file /jshERP-boot/user/addUser of the component Endpoint. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may b...
CVE-2025-8839 jshERP Endpoint addUser improper authorization
A vulnerability was found in jshERP up to 3.5. This issue affects some unknown processing of the file /jshERP-boot/user/addUser of the component Endpoint. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may b...
CVE-2025-8839 jshERP Endpoint addUser improper authorization
A vulnerability was found in jshERP up to 3.5. This issue affects some unknown processing of the file /jshERP-boot/user/addUser of the component Endpoint. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may b...
CVE-2025-8839
The CVE-2025-8839 issue affects jshERP up to v3.5, specifically the Endpoint component processing the file /jshERP-boot/user/addUser, where improper authorization is the root cause. The vulnerability could be triggered remotely and, per multiple sources, the exploit has been publicly disclosed, i...