3943 matches found
EUVD-2025-27922
Malicious code in bioql PyPI...
EUVD-2023-56152
Malicious code in bioql PyPI...
CVE-2025-52656
HCL MyXalytics: 6.6. is affected by Mass Assignment vulnerability. Mass Assignment occurs when user input is automatically bound to application objects without proper validation or access controls, potentially allowing unauthorized modification of sensitive fields...
CVE-2025-52656
HCL MyXalytics: 6.6. is affected by Mass Assignment vulnerability. Mass Assignment occurs when user input is automatically bound to application objects without proper validation or access controls, potentially allowing unauthorized modification of sensitive fields...
CVE-2025-52656
CVE-2025-52656 affects HCL MyXalytics version 6.6. The vulnerability is a Mass Assignment flaw where user input may be automatically bound to application objects without proper validation or access controls, potentially allowing unauthorized modification of sensitive fields. Root cause: insuffici...
CVE-2025-52656 HCL MyXalytics product is affected by Mass Assignment vulnerability
HCL MyXalytics: 6.6. is affected by Mass Assignment vulnerability. Mass Assignment occurs when user input is automatically bound to application objects without proper validation or access controls, potentially allowing unauthorized modification of sensitive fields...
CVE-2025-52656 HCL MyXalytics product is affected by Mass Assignment vulnerability
HCL MyXalytics: 6.6. is affected by Mass Assignment vulnerability. Mass Assignment occurs when user input is automatically bound to application objects without proper validation or access controls, potentially allowing unauthorized modification of sensitive fields...
EUVD-2025-32359
HCL MyXalytics: 6.6. is affected by Mass Assignment vulnerability. Mass Assignment occurs when user input is automatically bound to application objects without proper validation or access controls, potentially allowing unauthorized modification of sensitive fields...
PT-2025-40574
Name of the Vulnerable Software and Affected Versions HCL MyXalytics version 6.6 Description The software is susceptible to a Mass Assignment issue. This happens when user-supplied data is automatically mapped to application objects without sufficient validation or access controls, potentially...
SUSE CVE-2023-53464
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Check that sock is valid before iscsisetparam The validity of sock should be checked before assignment to avoid incorrect values. Commit 57569c37f0ad "scsi: iscsi: iscsitcp: Fix null-ptr-deref while calling...
kernel: vsock: Fix transport_* TOCTOU
In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transport TOCTOU Transport assignment may race with module unload. Protect newtransport from becoming a stale pointer. This also takes care of an insecure call in vsockuselocaltransport; add a lockdep assert. BUG: unab...
CVE-2023-53511
In the Linux kernel, the following vulnerability has been resolved: iouring: fix fget leak when fs don't support nowait buffered read Heming reported a BUG when using iouring doing link-cp on ocfs2. 1 Do the following steps can reproduce this BUG: mount -t ocfs2 /dev/vdc /mnt/ocfs2 cp testfile...
kernel: vsock: Fix transport_* TOCTOU
In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transport TOCTOU Transport assignment may race with module unload. Protect newtransport from becoming a stale pointer. This also takes care of an insecure call in vsockuselocaltransport; add a lockdep assert. BUG: unab...
PT-2025-40279
Name of the Vulnerable Software and Affected Versions Deciso OPNsense versions prior to 25.7.4 Description OPNsense versions prior to 25.7.4 are susceptible to a stored cross-site scripting issue. This occurs when creating a "Interfaces: Devices: Point-to-Point" entry, where the ptpid parameter i...
CVE-2025-7104
A mass assignment vulnerability exists in danny-avila/librechat, affecting all versions. This vulnerability allows attackers to manipulate sensitive fields by automatically binding user-provided data to internal object properties or database fields without proper filtering. As a result, any extra...
CVE-2025-7104
A mass assignment vulnerability exists in danny-avila/librechat, affecting all versions. This vulnerability allows attackers to manipulate sensitive fields by automatically binding user-provided data to internal object properties or database fields without proper filtering. As a result, any extra...
CVE-2025-7104
A mass assignment vulnerability exists in danny-avila/librechat, affecting all versions. This vulnerability allows attackers to manipulate sensitive fields by automatically binding user-provided data to internal object properties or database fields without proper filtering. As a result, any extra...
CVE-2025-7104 Mass Assignment in danny-avila/librechat
A mass assignment vulnerability exists in danny-avila/librechat, affecting all versions. This vulnerability allows attackers to manipulate sensitive fields by automatically binding user-provided data to internal object properties or database fields without proper filtering. As a result, any extra...
CVE-2025-7104 Mass Assignment in danny-avila/librechat
A mass assignment vulnerability exists in danny-avila/librechat, affecting all versions. This vulnerability allows attackers to manipulate sensitive fields by automatically binding user-provided data to internal object properties or database fields without proper filtering. As a result, any extra...
CVE-2025-7104
CVE-2025-7104 affects librechat (danny-avila/librechat). The vulnerability is a mass assignment flaw where user-supplied data is automatically bound to internal object properties or database fields without proper filtering. As a result, extra fields in the request body are carried into agentData ...