14 matches found
EUVD-2017-14138
Malware in sbrugna...
EUVD-2020-29667
Malware in sbrugna...
EUVD-2023-44401
Malicious code in bioql PyPI...
EUVD-2021-8555
Malicious code in bioql PyPI...
EUVD-2024-0072
Malicious code in bioql PyPI...
CVE-2020-14014
An issue was discovered in Navigate CMS 2.8 and 2.9 r1433. The query parameter fid on the resource navigate.php does not perform sufficient data validation and/or encoding, making it vulnerable to reflected XSS...
KLA74117 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, spoof user interface, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in Parce...
PYSEC-2024-217
Gradio is an open-source Python package designed for quick prototyping. This is a data validation vulnerability affecting several Gradio components, which allows arbitrary file leaks through the post-processing step. Attackers can exploit these components by crafting requests that bypass expected...
GHSA-4Q3C-CJ7G-JCWF Gradio has several components with post-process steps allow arbitrary file leaks
Impact What kind of vulnerability is it? Who is impacted? This is a data validation vulnerability affecting several Gradio components, which allows arbitrary file leaks through the post-processing step. Attackers can exploit these components by crafting requests that bypass expected input...
KLA71827 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service, bypass security restrictions, gain privileges, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Inappropriate...
KLA15736 DoS vulnerability in Microsoft Browser
A data validation vulnerability was found in Microsoft Browser. Malicious users can exploit this vulnerability to cause denial of service. Original advisories CVE-2022-3075 Related products Microsoft-Edge CVE list CVE-2022-3075 critical KB list Solution Install necessary updates from the Settings a...
Twisted Input Validation Error Vulnerability
Twisted is an event-driven open source web engine written in the Python language. An input validation error vulnerability exists in Twisted version 19.10.0 and earlier. The vulnerability stems from a network system or product that does not properly validate incoming data. No details of the...
WordPress Ultimate FAQ Cross-Site Scripting Vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. Ultimate FAQ is a FAQ plugin used in it. A cross-site scripting vulnerability exists in WordPress Ultimate FAQ versions prior to 1.8.30...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Studio Photo 3.6.6.779. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...