96 matches found
Modular Account 安全漏洞
Modular Account is an open source application from Alchemy. A security vulnerability exists in Modular Account that stems from the allowlist module not checking the executeUserOp path, which could lead to bypassing access control restrictions...
PT-2025-21362 · Unknown · Modular Account De Alchemy
Name of the Vulnerable Software and Affected Versions: Modular Account de Alchemy versions prior to commit 5e6f540d249afcaeaf76ab95517d0359fde883b0 Description: The issue concerns a bug in the allowlist module of Modular Account de Alchemy, which is compatible with ERC-4337 and ERC-6900. This bug...
BIT-SUPERSET-2022-41703 Apache Superset: SQL injection vulnerability in adhoc clauses
A vulnerability in the SQL Alchemy connector of Apache Superset allows an authenticated user with read access to a specific database to add subqueries to the WHERE and HAVING fields referencing tables on the same database that the user should not have access to, despite the user having the featur...
Malicious code in alchemy-asset-transfers-benchmark (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...
MAL-2025-38 Malicious code in alchemy-web3-webpack-example (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0baf7db6925882a96eddaa00b4877f9147183d9b00a85fd69b02e5fe625f7ff7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in alchemy-pg-search (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 77530837cfba16b5f3568ca997d99552be39ec2d229e168ede01f6ac6ddc096e --- Credit: OpenSSF source...
MAL-2024-6545 Malicious code in alchemy-pg-search (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 77530837cfba16b5f3568ca997d99552be39ec2d229e168ede01f6ac6ddc096e --- Credit: OpenSSF source...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.325.5.el8 - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext Krister Johansen Orabug: 35905508 - char: misc: Increase the maximum number of dynamic misc devices to 1048448 D Scott Phillips Orabug: 35905508 - perf/arm-cmn: Fix invalid pointer when access...
alchemy-stitchcraft.co.uk Cross Site Scripting vulnerability OBB-3475325
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
agentopia (>=0.1.0 <=0.1.5), alaya-py (>=0.15.0.0 <=0.15.0.1) +219 more potentially affected by CVE-2022-37454 via pysha3 (>=0.3.0 <=1.0.2)
pysha3 PYPI version =0.3.0, =0.1.0, =0.15.0.0, =0.4.0a1, =0.1.0, =0.1.22, =0.4.0, =0.4.0a0, =0.1.0a0, =0.4.0a1, =0.1.0, =0.4.0, =0.4.0, =0.4.0, =0.5.2 - ape-frame =0.5.0a0 and more Source cves: CVE-2022-37454 Source advisory: OSV:GHSA-6W4M-2XHG-2658...
SUSE CVE-2013-4511
Multiple integer overflows in Alchemy LCD frame-buffer drivers in the Linux kernel before 3.12 allow local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted mmap operations, related to the 1 au1100fbfbmmap function in...
GHSA-CXVP-3FRM-3876 Apache Superset's SQL Alchemy connector vulnerable to SQL Injection
A vulnerability in the SQL Alchemy connector of Apache Superset allows an authenticated user with read access to a specific database to add subqueries to the WHERE and HAVING fields referencing tables on the same database that the user should not have access to, despite the user having the featur...
Apache Superset's SQL Alchemy connector vulnerable to SQL Injection
A vulnerability in the SQL Alchemy connector of Apache Superset allows an authenticated user with read access to a specific database to add subqueries to the WHERE and HAVING fields referencing tables on the same database that the user should not have access to, despite the user having the featur...
Design/Logic Flaw
A vulnerability in the SQL Alchemy connector of Apache Superset allows an authenticated user with read access to a specific database to add subqueries to the WHERE and HAVING fields referencing tables on the same database that the user should not have access to, despite the user having the featur...
CVE-2022-41703
The CVE-2022-41703 issue is in Apache Superset’s SQL Alchemy connector. An authenticated user with read access to a database can add subqueries in the WHERE and HAVING clauses that reference tables the user should not access, even when the ALLOW_ADHOC_SUBQUERY feature flag is disabled. Affected v...
CVE-2022-41703 Apache Superset: SQL injection vulnerability in adhoc clauses
A vulnerability in the SQL Alchemy connector of Apache Superset allows an authenticated user with read access to a specific database to add subqueries to the WHERE and HAVING fields referencing tables on the same database that the user should not have access to, despite the user having the featur...
CVE-2022-41703 Apache Superset: SQL injection vulnerability in adhoc clauses
A vulnerability in the SQL Alchemy connector of Apache Superset allows an authenticated user with read access to a specific database to add subqueries to the WHERE and HAVING fields referencing tables on the same database that the user should not have access to, despite the user having the featur...
Alchemy CMS 6.0.0 Arbitrary File Upload Vulnerability
Exploit Title: AlchemyCMS 2.x to 6.0.0 - Unrestricted File Upload authenticated Exploit Author: Abdulrahman https://twitter.com/infosec90 Vendor Homepage: https://alchemy-cms.com Software Link: https://github.com/AlchemyCMS/alchemycms Version: from 2.0 to 6.0.0 Tested on: Linux ruby 2.6.8p205 rai...
Alchemy CMS 6.0.0 Arbitrary File Upload
Exploit Title: AlchemyCMS 2.x to 6.0.0 - Unrestricted File Upload authenticated Date: 01/10/2021 Exploit Author: Abdulrahman https://twitter.com/infosec90 Vendor Homepage: https://alchemy-cms.com Software Link: https://github.com/AlchemyCMS/alchemycms Version: from 2.0 to 6.0.0 Tested on: Linux...
Alchemy Eye Detection
Checks whether Alchemy Eye is present on the target system and if so, tries to figure out the installed version. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU...