PT-2026-42141

Improper Control of Generation of Code 'Code Injection' vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component enables code execution on other users' systems. This issue affects Meona Client Launcher Component: through 19.06.2020 15:11:49; Meona Server Component:...

EUVD-2018-0936

Malware in sbrugna...

EUVD-2024-19787

Malicious code in bioql PyPI...

showdoc Cross-site Request Forgery Vulnerability (CNVD-2022-02730)

showdoc is an open source tool ideal for IT teams to share documents online. showdoc suffers from a cross-site request forgery vulnerability, which stems from a WEB application that does not sufficiently validate that the request is from a trusted user. An attacker could use this vulnerability to...

firefly-iii Cross-site Request Forgery Vulnerability (CNVD-2022-19846)

firefly-iii is a free and open source personal finance software. firefly-iii suffers from a cross-site request forgery vulnerability, which originates when a WEB application does not sufficiently validate that a request is from a trusted user, and can be exploited by an attacker to send an...

Mattermost Server Cross-Site Request Forgery Vulnerability (CNVD-2020-35367)

Mattermost Server is the United States Mattermost company's set of open source messaging platform. A cross-site request forgery vulnerability exists in Mattermost Server, which stems from a WEB application that does not adequately validate whether a request is coming from a trusted user, and can ...

Squid Cross-Site Request Forgery Vulnerability

Squid is a suite of proxy server and web caching server software. The software provides features such as caching the World Wide Web, filtering traffic, and proxying the Internet. A cross-site request forgery vulnerability exists in the HTTP request processing in Squid, which arises from a WEB...

LabKey Server Cross-Site Request Forgery Vulnerability

LabKey Server is a biomedical research data repository from LabKey, Inc. The repository allows Web-based querying, reporting, and collaboration across a wide range of data sources. A cross-site request forgery vulnerability exists in LabKey Server. An attacker could exploit this vulnerability to...

CloudBees Jenkins Rundeck plugin cross-site request forgery vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing project and some timed tasks . Rundeck Plugin is used in one of the...

NETGEAR JNR1010 Cross-Site Request Forgery Vulnerability

The NETGEAR JNR1010 is a wireless router from NETGEAR. A cross-site request forgery vulnerability exists in the NETGEAR JNR1010 prior to version 1.0.0.32. The vulnerability stems from a WEB application that does not adequately validate that a request is coming from a trusted user, and can be...

WTCMS Cross-Site Request Forgery Vulnerability (CNVD-2019-34388)

WTCMS is a ThinkPHP-based content management system CMS. A cross-site request forgery vulnerability exists in WTCMS version 1.0, which can be exploited by an attacker to send unintended requests to the server via an affected client...

WallacePOS Cross-Site Request Forgery Vulnerability

WallacePOS is an open source, web-based POS and business management system. The system is compatible with standard POS hardware such as receipt printers, cash drawers and barcode scanners. A cross-site request forgery vulnerability exists in WallacePOS version 1.4.3. The vulnerability stems from...

Computrols CBAS Web Cross-Site Request Forgery Vulnerability

Computrols CBAS is a building automation system from Computrols USA. A cross-site request forgery vulnerability exists in Computrols CBAS, which can be exploited by an attacker to send unintended requests to a server via an affected client...

Multiple buffer overflows in Mozilla POP3 protocol handler

Overview There are multiple buffer overflow vulnerabilities in the Mozilla POP3 protocol handler that could allow a remote attacker to execute arbitrary code. Description Post Office Protocol Version 3 POP3 is a mail protocol that provides a means for retrieving email from a remote server. The...