10 matches found
EUVD-2024-3470
Malicious code in bioql PyPI...
CVE-2024-55500
Cross-Site Request Forgery CSRF in Avenwu Whistle v.2.9.90 and before allows attackers to perform malicious API calls, resulting in the execution of arbitrary code on the victim's machine...
Cross-Site Request Forgery (CSRF)
Avenwu Whistle is vulnerable to Cross-Site Request Forgery CSRF. The vulnerability is due to insufficient validation of API requests, allowing attackers to perform malicious API calls that result in arbitrary code execution on the victim's machine...
Avenwu Whistle Cross-Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF in Avenwu Whistle v.2.9.90 and before allows attackers to perform malicious API calls, resulting in the execution of arbitrary code on the victim's machine...
GHSA-GG6X-448Q-PQQM Avenwu Whistle Cross-Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF in Avenwu Whistle v.2.9.90 and before allows attackers to perform malicious API calls, resulting in the execution of arbitrary code on the victim's machine...
CVE-2024-55500
Cross-Site Request Forgery CSRF in Avenwu Whistle v.2.9.90 and before allows attackers to perform malicious API calls, resulting in the execution of arbitrary code on the victim's machine...
CVE-2024-55500
Cross-Site Request Forgery CSRF in Avenwu Whistle v.2.9.90 and before allows attackers to perform malicious API calls, resulting in the execution of arbitrary code on the victim's machine...
CVE-2024-55500
CVE-2024-55500 concerns CSRF in Avenwu Whistle (v2.9.90 and earlier). Affected component: the Avenwu Whistle API surface where requests lack proper origin/validation, enabling attackers to craft requests that trigger arbitrary code execution on the victim’s machine. Root cause, as described acros...
CVE-2024-55500
Cross-Site Request Forgery CSRF in Avenwu Whistle v.2.9.90 and before allows attackers to perform malicious API calls, resulting in the execution of arbitrary code on the victim's machine...
CVE-2024-55500
Cross-Site Request Forgery CSRF in Avenwu Whistle v.2.9.90 and before allows attackers to perform malicious API calls, resulting in the execution of arbitrary code on the victim's machine...