EUVD-2024-30746
Malicious code in bioql PyPI...
EUVD-2021-7728
Malicious code in bioql PyPI...
EUVD-2021-7674
Malicious code in bioql PyPI...
EUVD-2022-4443
Malicious code in bioql PyPI...
EUVD-2022-53442
Malicious code in bioql PyPI...
EUVD-2022-33948
Malicious code in bioql PyPI...
EUVD-2023-31631
Malicious code in bioql PyPI...
EUVD-2022-34114
Malicious code in bioql PyPI...
EUVD-2022-35613
Malicious code in bioql PyPI...
EUVD-2022-35614
Malicious code in bioql PyPI...
CVE-2024-33001
SAP NetWeaver and ABAP platform allows an attacker to impede performance for legitimate users by crashing or flooding the service. An impact of this Denial of Service vulnerability might be long response delays and service interruptions, thus degrading the service quality experienced by legitimat...
CVE-2023-32111
In SAP PowerDesigner Proxy - version 16.7, an attacker can send a crafted request from a remote host to the proxy machine and crash the proxy server, due to faulty implementation of memory management causing a memory corruption. This leads to a high impact on availability of the application...
CVE-2023-25656
notation-go is a collection of libraries for supporting Notation sign, verify, push, and pull of OCI artifacts. Prior to version 1.0.0-rc.3, notation-go users will find their application using excessive memory when verifying signatures. The application will be killed, and thus availability is...
CVE-2022-29793
There is a configuration defect in the activation lock of mobile phones. Successful exploitation of this vulnerability may affect application availability...
CVE-2022-29617
Due to improper error handling an authenticated user can crash CLA assistant instance. This could impact the availability of the application...
CVE-2025-43864 React Router allows a DoS via cache poisoning by forcing SPA mode
React Router is a router for React. Starting in version 7.2.0 and prior to version 7.5.2, it is possible to force an application to switch to SPA mode by adding a header to the request. If the application uses SSR and is forced to switch to SPA, this causes an error that completely corrupts the...
CVE-2024-7035
In version v0.3.8 of open-webui/open-webui, sensitive actions such as deleting and resetting are performed using the GET method. This vulnerability allows an attacker to perform Cross-Site Request Forgery (CSRF) attacks, where an unaware user can unintentionally perform sensitive actions by simply...
CVE-2024-7035
The CVE-2024-7035 issue affects open-webui/open-webui (v0.3.8). The underlying problem is CSRF because sensitive actions (delete/reset) are invoked via GET requests. Affected endpoints include /rag/api/v1/reset, /rag/api/v1/reset/db, /api/v1/memories/reset, and /rag/api/v1/reset/uploads, impactin...
CVE-2025-26661
Due to missing authorization check, SAP NetWeaver ABAP Class Builder allows an attacker to gain higher access levels than they should have, resulting in escalation of privileges. On successful exploitation, this could result in disclosure of highly sensitive information. It could also have a high...
Linux Distros Unpatched Vulnerability : CVE-2021-3605
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked wi...