30 matches found
EUVD-2019-14345
Malware in sbrugna...
EUVD-2020-25939
Malware in sbrugna...
EUVD-2022-27550
Malicious code in bioql PyPI...
EUVD-2024-24502
Malicious code in bioql PyPI...
Malicious code in petal-dashboard-ui (npm)
The package petal-dashboard-ui was found to contain malicious code...
MAL-2025-29085 Malicious code in petal-dashboard-ui (npm)
The package petal-dashboard-ui was found to contain malicious code...
Malicious code in tidb-dashboard-ui (npm)
The package tidb-dashboard-ui was found to contain malicious code...
Security Bulletin: IBM Sterling B2B Integrator Dashboard UI is vulnerable to sensitive information exposure (CVE-2021-39087)
Summary IBM Sterling B2B Integrator dashboard UI has addressed a sensitive information exposure security vulnerability. Vulnerability Details CVEID:CVE-2021-39087 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition could allow an authenticated user to obtain sensitive information due to...
CVE-2023-5445
An open redirect vulnerability in ePolicy Orchestrator prior to 5.10.0 CP1 Update 2, allows a remote low privileged user to modify the URL parameter for the purpose of redirecting URL requests to a malicious site. This impacts the dashboard area of the user interface. A user would need to be logg...
Security Bulletin: The dashboard UI of IBM Sterling B2B Integrator is vulnerable to information disclosure (CVE-2023-22876)
Summary IBM Sterling B2B Integrator has addressed the information disclosure vulnerability. Vulnerability Details CVEID:CVE-2023-22876 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition could allow a privileged user to obtain sensitive information that could aid in further attacks against...
Security Bulletin: The dasboard UI of IBM Sterling B2B Integrator is vulnerable to improper permission control (CVE-2022-40231)
Summary IBM Sterling B2B Integrator has addressed the improper permission control security vulnerability in the dashboard UI. Vulnerability Details CVEID:CVE-2022-40231 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition could allow an authenticated user to perform unauthorized actions due ...
CVE-2022-22404
IBM App Connect Enterprise Certified Container Dashboard UI IBM App Connect Enterprise Certified Container 1.5, 2.0, 2.1, 3.0, and 3.1 may be vulnerable to denial of service due to excessive rate limiting...
Design/Logic Flaw
IBM App Connect Enterprise Certified Container Dashboard UI IBM App Connect Enterprise Certified Container 1.5, 2.0, 2.1, 3.0, and 3.1 may be vulnerable to denial of service due to excessive rate limiting...
CVE-2022-22404
IBM App Connect Enterprise Certified Container Dashboard UI IBM App Connect Enterprise Certified Container 1.5, 2.0, 2.1, 3.0, and 3.1 may be vulnerable to denial of service due to excessive rate limiting...
CVE-2022-22404
The CVE-2022-22404 entry concerns IBM App Connect Enterprise Certified Container Dashboard UI vulnerability in the Dashboard components for versions 1.5, 2.0, 2.1, 3.0 and 3.1, caused by excessive rate limiting that can lead to denial of service. The issue has CVSS v3.0 base score 6.5 (Network, L...
GHSA-7RQ6-7GV8-C37H Missing Authorization with Default Settings in Dashboard UI
Dashboard UI in Hangfire.Core uses authorization filters to protect it from showing sensitive data to unauthorized users. By default when no custom authorization filters specified, LocalRequestsOnlyAuthorizationFilter filter is being used to allow only local requests and prohibit all the remote...
Missing Authorization with Default Settings in Dashboard UI
Dashboard UI in Hangfire.Core uses authorization filters to protect it from showing sensitive data to unauthorized users. By default when no custom authorization filters specified, LocalRequestsOnlyAuthorizationFilter filter is being used to allow only local requests and prohibit all the remote...
CVE-2021-41238 Missing Authorization with Default Settings in Dashboard UI
Hangfire is an open source system to perform background job processing in a .NET or .NET Core applications. No Windows Service or separate process required. Dashboard UI in Hangfire.Core uses authorization filters to protect it from showing sensitive data to unauthorized users. By default when no...
CVE-2019-4738
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.1 discloses sensitive information to an authenticated user from the dashboard UI which could be used in further attacks against the system. IBM X-Force ID: 172753...
Design/Logic Flaw
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.1 discloses sensitive information to an authenticated user from the dashboard UI which could be used in further attacks against the system. IBM X-Force ID: 172753...