491 matches found
EUVD-2024-16672
Malicious code in bioql PyPI...
EUVD-2023-58094
Malicious code in bioql PyPI...
EUVD-2024-51174
Malicious code in bioql PyPI...
EUVD-2023-58093
Malicious code in bioql PyPI...
EUVD-2024-48963
Malicious code in bioql PyPI...
EUVD-2025-31374
Malicious code in bioql PyPI...
EUVD-2025-2091
Malicious code in bioql PyPI...
EUVD-2023-32295
Malicious code in bioql PyPI...
EUVD-2022-41797
Malicious code in bioql PyPI...
EUVD-2025-9940
Malicious code in bioql PyPI...
EUVD-2024-48093
Malicious code in bioql PyPI...
EUVD-2025-10091
Malicious code in bioql PyPI...
EUVD-2025-10090
Malicious code in bioql PyPI...
EUVD-2025-7497
Malicious code in bioql PyPI...
CVE-2025-59537
CVE-2025-59537 affects Argo CD. Affected: Argo CD server components in versions 1.2.0–1.8.7, 2.0.0-rc1–2.14.19, 3.0.0-rc1–3.2.0-rc1, 3.1.7, and 3.0.18. Description: receiving a Gogs push webhook with commits[].repo missing or null can crash the argocd-server process via the /api/webhook endpoint,...
Argo CD 安全漏洞
Argo CD is an Argo open source declarative GitOps continuous delivery tool for Kubernetes. A security vulnerability exists in Argo CD that stems from unconfigured webhook.bitbucketserver.secret when processing malicious API requests, which could lead to a denial-of-service attack. The following...
CVE-2025-55191
CVE-2025-55191 affects Argo CD up to several release lines (2.14.19, 3.1.7, 3.0.18, etc.). The issue is a race condition in the repository credentials handler (repository_secrets.go) that can cause the Argo CD server to panic and crash when concurrent operations touch the same repository URL. A v...
CVE-2025-11135
A vulnerability was detected in pmTicket Project-Management-Software up to 2ef379da2075f4761a2c9029cf91d073474e7486. The affected element is the function loadLanguage of the file classes/class.database.php of the component Cookie Handler. Performing manipulation of the argument userid results in...
PT-2025-40034
Name of the Vulnerable Software and Affected Versions Argo CD versions 2.1.0 through 2.14.19 Argo CD versions 3.0.0-rc1 through 3.0.18 Argo CD versions 3.1.0-rc1 through 3.1.7 Argo CD version 3.2.0-rc1 Description Argo CD, a declarative GitOps continuous delivery tool for Kubernetes, is susceptib...
PT-2025-40045
Summary In the default configuration, webhook.azuredevops.username and webhook.azuredevops.password not set, Argo CD’s /api/webhook endpoint crashes the entire argocd-server process when it receives an Azure DevOps Push event whose JSON array resource.refUpdates is empty. The slice index 0 is...