Lucene search
+L

96 matches found

CNNVD
CNNVD
added 2025/05/15 12:0 a.m.7 views

Modular Account 安全漏洞

Modular Account is an open source application from Alchemy. A security vulnerability exists in Modular Account that stems from the allowlist module not checking the executeUserOp path, which could lead to bypassing access control restrictions...

8.7CVSS6.6AI score0.00336EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/05/15 12:0 a.m.8 views

PT-2025-21362 · Unknown · Modular Account De Alchemy

Name of the Vulnerable Software and Affected Versions: Modular Account de Alchemy versions prior to commit 5e6f540d249afcaeaf76ab95517d0359fde883b0 Description: The issue concerns a bug in the allowlist module of Modular Account de Alchemy, which is compatible with ERC-4337 and ERC-6900. This bug...

8.7CVSS6.5AI score0.00336EPSS
Exploits0References6
OSV
OSV
added 2025/02/05 7:29 a.m.10 views

BIT-SUPERSET-2022-41703 Apache Superset: SQL injection vulnerability in adhoc clauses

A vulnerability in the SQL Alchemy connector of Apache Superset allows an authenticated user with read access to a specific database to add subqueries to the WHERE and HAVING fields referencing tables on the same database that the user should not have access to, despite the user having the featur...

5.4CVSS5.3AI score0.01194EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/01/30 4:55 p.m.4 views

Malicious code in alchemy-asset-transfers-benchmark (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

6.9AI score
Exploits0
OSV
OSV
added 2025/01/08 8:46 p.m.5 views

MAL-2025-38 Malicious code in alchemy-web3-webpack-example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0baf7db6925882a96eddaa00b4877f9147183d9b00a85fd69b02e5fe625f7ff7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:47 p.m.7 views

Malicious code in alchemy-pg-search (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 77530837cfba16b5f3568ca997d99552be39ec2d229e168ede01f6ac6ddc096e --- Credit: OpenSSF source...

5.3AI score
Exploits0References3
OSV
OSV
added 2024/06/25 1:47 p.m.5 views

MAL-2024-6545 Malicious code in alchemy-pg-search (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 77530837cfba16b5f3568ca997d99552be39ec2d229e168ede01f6ac6ddc096e --- Credit: OpenSSF source...

5.3AI score
Exploits0References3
Oracle linux
Oracle linux
added 2023/11/21 12:0 a.m.49 views

Unbreakable Enterprise kernel-container security update

5.4.17-2136.325.5.el8 - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext Krister Johansen Orabug: 35905508 - char: misc: Increase the maximum number of dynamic misc devices to 1048448 D Scott Phillips Orabug: 35905508 - perf/arm-cmn: Fix invalid pointer when access...

7.1CVSS7.8AI score0.00387EPSS
Exploits0
Openbugbounty
Openbugbounty
added 2023/06/29 7:33 a.m.13 views

alchemy-stitchcraft.co.uk Cross Site Scripting vulnerability OBB-3475325

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
vulnersOsv
vulnersOsv
added 2023/04/26 5:39 p.m.8 views

agentopia (>=0.1.0 <=0.1.5), alaya-py (>=0.15.0.0 <=0.15.0.1) +219 more potentially affected by CVE-2022-37454 via pysha3 (>=0.3.0 <=1.0.2)

pysha3 PYPI version =0.3.0, =0.1.0, =0.15.0.0, =0.4.0a1, =0.1.0, =0.1.22, =0.4.0, =0.4.0a0, =0.1.0a0, =0.4.0a1, =0.1.0, =0.4.0, =0.4.0, =0.4.0, =0.5.2 - ape-frame =0.5.0a0 and more Source cves: CVE-2022-37454 Source advisory: OSV:GHSA-6W4M-2XHG-2658...

9.8CVSS6.8AI score0.05193EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2023/02/15 5:35 a.m.5 views

SUSE CVE-2013-4511

Multiple integer overflows in Alchemy LCD frame-buffer drivers in the Linux kernel before 3.12 allow local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted mmap operations, related to the 1 au1100fbfbmmap function in...

6.9CVSS6.5AI score0.00596EPSS
Exploits1References11
OSV
OSV
added 2023/01/16 12:30 p.m.76 views

GHSA-CXVP-3FRM-3876 Apache Superset's SQL Alchemy connector vulnerable to SQL Injection

A vulnerability in the SQL Alchemy connector of Apache Superset allows an authenticated user with read access to a specific database to add subqueries to the WHERE and HAVING fields referencing tables on the same database that the user should not have access to, despite the user having the featur...

5.4CVSS5.3AI score0.01194EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2023/01/16 12:30 p.m.52 views

Apache Superset's SQL Alchemy connector vulnerable to SQL Injection

A vulnerability in the SQL Alchemy connector of Apache Superset allows an authenticated user with read access to a specific database to add subqueries to the WHERE and HAVING fields referencing tables on the same database that the user should not have access to, despite the user having the featur...

5.4CVSS5.7AI score0.01194EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2023/01/16 11:15 a.m.22 views

Design/Logic Flaw

A vulnerability in the SQL Alchemy connector of Apache Superset allows an authenticated user with read access to a specific database to add subqueries to the WHERE and HAVING fields referencing tables on the same database that the user should not have access to, despite the user having the featur...

5.5CVSS5.4AI score0.01194EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/01/16 10:14 a.m.90 views

CVE-2022-41703

The CVE-2022-41703 issue is in Apache Superset’s SQL Alchemy connector. An authenticated user with read access to a database can add subqueries in the WHERE and HAVING clauses that reference tables the user should not access, even when the ALLOW_ADHOC_SUBQUERY feature flag is disabled. Affected v...

5.4CVSS5.4AI score0.01194EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/01/16 10:14 a.m.59 views

CVE-2022-41703 Apache Superset: SQL injection vulnerability in adhoc clauses

A vulnerability in the SQL Alchemy connector of Apache Superset allows an authenticated user with read access to a specific database to add subqueries to the WHERE and HAVING fields referencing tables on the same database that the user should not have access to, despite the user having the featur...

5.7AI score0.01194EPSS
Exploits0References1
OSV
OSV
added 2023/01/16 10:14 a.m.24 views

CVE-2022-41703 Apache Superset: SQL injection vulnerability in adhoc clauses

A vulnerability in the SQL Alchemy connector of Apache Superset allows an authenticated user with read access to a specific database to add subqueries to the WHERE and HAVING fields referencing tables on the same database that the user should not have access to, despite the user having the featur...

5.4CVSS6.2AI score0.01194EPSS
Exploits0References3
0day.today
0day.today
added 2021/10/13 12:0 a.m.362 views

Alchemy CMS 6.0.0 Arbitrary File Upload Vulnerability

Exploit Title: AlchemyCMS 2.x to 6.0.0 - Unrestricted File Upload authenticated Exploit Author: Abdulrahman https://twitter.com/infosec90 Vendor Homepage: https://alchemy-cms.com Software Link: https://github.com/AlchemyCMS/alchemycms Version: from 2.0 to 6.0.0 Tested on: Linux ruby 2.6.8p205 rai...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/10/13 12:0 a.m.294 views

Alchemy CMS 6.0.0 Arbitrary File Upload

Exploit Title: AlchemyCMS 2.x to 6.0.0 - Unrestricted File Upload authenticated Date: 01/10/2021 Exploit Author: Abdulrahman https://twitter.com/infosec90 Vendor Homepage: https://alchemy-cms.com Software Link: https://github.com/AlchemyCMS/alchemycms Version: from 2.0 to 6.0.0 Tested on: Linux...

0.1AI score
Exploits0
OpenVAS
OpenVAS
added 2019/11/25 12:0 a.m.7 views

Alchemy Eye Detection

Checks whether Alchemy Eye is present on the target system and if so, tries to figure out the installed version. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU...

0.4AI score
Exploits0References1
Rows per page
Query Builder