10 matches found
MAL-2026-4381 Malicious code in @digicroz/typed-api-kit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 32c8c3e9ffd3f994b21011084101df521e232c2ee5dbe93fd51f36977549f2dc The exported paymentGateways.pay0Pg.createOrder API does not call pay0.shop directly. Instead, dist/index.js hardcodes a base URL of...
CVE-2025-12486
Heimdall Data Database Proxy Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Heimdall Data Database Proxy. Minimal user interaction is required to exploit this vulnerability. The specific...
CVE-2025-12486 Heimdall Data Database Proxy Cross-Site Scripting Remote Code Execution Vulnerability
Heimdall Data Database Proxy Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Heimdall Data Database Proxy. Minimal user interaction is required to exploit this vulnerability. The specific...
Heimdall Data Database Proxy Cross-Site Scripting Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Heimdall Data Database Proxy. Minimal user interaction is required to exploit this vulnerability. The specific flaw exists within the handling of the database event logs. The issue results from the...
PT-2025-44564
Name of the Vulnerable Software and Affected Versions Heimdall Data Database Proxy affected versions not specified Description This issue allows remote attackers to execute arbitrary code on affected installations of Heimdall Data Database Proxy with minimal user interaction. The flaw resides in...
org.apache.inlong:audit-proxy (>=1.10.0 <=1.12.0), org.apache.inlong:dataproxy-dist (>=1.10.0 <=1.12.0) +20 more potentially affected by CVE-2024-36268 via org.apache.inlong:tubemq-core (>=1.10.0 <=1.12.0)
org.apache.inlong:tubemq-core MAVEN version =1.10.0, =1.10.0, =1.10.0, =1.10.0, =1.10.0, =1.10.0, =1.10.0, =1.10.0, =1.10.0, =1.10.0, =1.10.0, =1.10.0, =1.10.0, =1.10.0, =1.10.0, =1.10.0, =1.12.0 and more Source cves: CVE-2024-36268 Source advisory: OSV:GHSA-QFF2-8QW7-HCVW...
Self-Service Password Reset Central Store Creation Tool
SSPR Central Store Creation Tool Created Date: Sept 23, 2016 Updated Date: Sept 23, 2016 Where to download ? Certain legacy Citrix tools are now available on request only. Please submit the request here - https://forms.gle/obA39PEz5qpDiSPq8 Once we verify your request, we will provide access to t...
cxf: JMX integration is vulnerable to a MITM attack
Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the ‘createMBServerConnectorFactory‘ property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle MITM style attack. An...
SAP Sybase Unwired Platform Online Data Proxy Information Disclosure Vulnerability
SAP Sybase Unwired Platform is a suite of enterprise-grade mobile application platforms.Online Data Proxy is one of the online data proxy modules. A security vulnerability in SAP Sybase Unwired Platform Online Data Proxy allows a local attacker to exploit the DataVault library to obtain username...
CVE-2015-3978
CVE-2015-3978 affects the SAP Sybase Unwired Platform Online Data Proxy. A vulnerability in the DataVault library could allow a local attacker to obtain usernames and passwords, as noted in SAP Security Note 2094830. The CVSS-derived data indicates a local attack with low base severity and partia...