20 matches found
EUVD-2023-3037
Malicious code in bioql PyPI...
EUVD-2025-0144
Malicious code in bioql PyPI...
Unlocking User-Oriented Pages: Intention-Driven Black-Box Scanner for Real-World Web Applications
Black-box scanners have played a significant role in detecting vulnerabilities for web applications. A key focus in current black-box scanning is increasing test coverage, i.e., accessing more web pages. However, since many web applications are user-oriented, some deep pages can only be accessed...
CVE-2024-21205
Vulnerability in the Oracle Service Bus product of Oracle Fusion Middleware component: OSB Core Functionality. The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Service Bus...
[SECURITY] Fedora 40 Update: libell-0.63-1.fc40
The Embedded Linux Library ELL provides core, low-level functionality for system daemons. It typically has no dependencies other than the Linux kernel, C standard library, and libdl for dynamic linking. While ELL is designed to be efficient and compact enough for use on embedded Linux platforms, ...
Fedora: Security Advisory for libel (FEDORA-2024-38faa9a2a8)
The remote host is missing an update for the...
RUSTSEC-2024-0397 `conrod` is unmaintained
The crate `conrod` has been deprecated since version 0.62.0 released in December 2018. The functionality was split across multiple different crates, with the core functionality being transferred to `conrod_core`. An overview can be found in the conrod repository. If you have this crate in your...
TinyMCE Cross-Site Scripting Vulnerability
TinyMCE is a rich text editor from Tiny Technologies, Inc. A security vulnerability exists in TinyMCE, which stems from a mutation cross-site scripting (mXSS) vulnerability discovered in TinyMCE's core undo and redo functionality...
Decimal is not correct in fee calculation
Lines of code Vulnerability details Impact The decimal doesn't match in the fee calculation, so this will break the fee calculation. Since fee calculation is very important in Mint/Burn actions, this problem can ruin the core functionality of transmuter. Proof of Concept This is the non-exact min...
CVE-2022-43684
ServiceNow has released patches and an upgrade that address an Access Control List (ACL) bypass issue in ServiceNow Core functionality. Additional Details: This issue is present in the following supported ServiceNow releases: Quebec prior to Patch 10 Hot Fix 8b; Rome prior to Patch 10 Hot Fix 1; San...
Upgraded Q -> 2 from #98 [1679803209669]
Judge has assessed an item in Issue 98 as 2 risk. The relevant finding follows: QA-01 PauseModifier is implemented in the KangarooVault.sol contract but isn't used due to not being a part of core functionality
SUSE SLES15 Security Update : kernel (SUSE-SU-2022:2172-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2172-1 advisory. - The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection...
Reverb.com: XSS in main search, use class tag to imitate Reverb.com core functionality, create false login window
This is an expansion of 349684 which was flagged as a duplicate. In that bug report I explained that several HTML tags end up rendering when entered into the main search. I've since found out that the class attribute of multiple types of tags can be modified to create a realistic imitation of cor...
[SECURITY] Fedora 25 Update: php-horde-Horde-Core-2.30.0-1.fc25
These classes provide the core functionality of the Horde Application Framework...
[SECURITY] Fedora 24 Update: php-horde-Horde-Core-2.26.1-1.fc24
These classes provide the core functionality of the Horde Application Framework...
[SECURITY] Fedora 23 Update: php-horde-Horde-Core-2.26.1-1.fc23
These classes provide the core functionality of the Horde Application Framework...
[SECURITY] Fedora 25 Update: php-horde-Horde-Core-2.26.1-1.fc25
These classes provide the core functionality of the Horde Application Framework...
[SECURITY] Fedora 23 Update: php-horde-Horde-Core-2.22.4-1.fc23
These classes provide the core functionality of the Horde Application Framework...
[SECURITY] Fedora 22 Update: php-horde-Horde-Core-2.20.6-1.fc22
These classes provide the core functionality of the Horde Application Framework...
Panda Remote Heap Overflow
Date: November 29, 2005. Vulnerability: The Panda Antivirus Library provides file format support for virus analysis. During decompression of ZOO files Panda is vulnerable to a heap overflow allowing attackers complete control of the systems being protected. This vulnerability can be exploited remote...