786 matches found
EUVD-2024-16543
Malicious code in bioql PyPI...
EUVD-2025-25108
Malicious code in bioql PyPI...
EUVD-2025-29122
Malicious code in bioql PyPI...
EUVD-2023-40663
Malicious code in bioql PyPI...
CVE-2025-10204 Unauth Admin Reset Password on AC Smart II
A vulnerability has been discovered in AC Smart II where passwords can be changed without authorization. This page contains a hidden form for resetting the administrator password. The attacker can manipulate the page using developer tools to display and use the form. This form allows you to chang...
CVE-2025-10204
AC Smart II contains an authentication bypass vulnerability (CVE-2025-10204) due to a hidden admin password-reset form that can be manipulated via browser developer tools to display and use the form. The form allows changing the administrator password without verifying login status or permissions...
PT-2025-37410
Name of the Vulnerable Software and Affected Versions AC Smart II affected versions not specified Description A vulnerability exists in AC Smart II that allows unauthorized password changes. A hidden form for resetting the administrator password is present on a page, which can be manipulated usin...
KLA87522 ACE vulnerability in Microsoft Developer Tools
A remote code execution vulnerability was found in Microsoft Developer Tools. Malicious users can exploit this vulnerability to execute arbitrary code, bypass security restrictions. Original advisories CVE-2025-55319 Related products Visual-Studio-Code CVE list CVE-2025-55319 critical KB list...
KLA87521 PE vulnerability in Microsoft Developer Tools
An elevation of privilege vulnerability was found in Microsoft Developer Tools. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2025-49734 Related products PowerShell CVE list CVE-2025-49734 high Solution Install necessary updates from the KB section, th...
CVE-2025-58818
Cross-Site Request Forgery CSRF vulnerability in SwiftNinjaPro Developer Tools Blocker swiftninjapro-inspect-element-console-blocker allows Cross Site Request Forgery.This issue affects Developer Tools Blocker: from n/a through = 3.2.1...
CVE-2025-58818
Cross-Site Request Forgery CSRF vulnerability in SwiftNinjaPro Developer Tools Blocker swiftninjapro-inspect-element-console-blocker allows Cross Site Request Forgery.This issue affects Developer Tools Blocker: from n/a through = 3.2.1...
CVE-2025-58818
CVE-2025-58818 is a CSRF vulnerability in the WordPress plugin Developer Tools Blocker (SwiftNinjaPro) affecting versions up to 3.2.1. Technical details across sources confirm CSRF as the root cause and that exploitation could enable actions on behalf of authenticated users. Mitigation: update to...
CVE-2025-58818 WordPress Developer Tools Blocker Plugin <= 3.2.1 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in SwiftNinjaPro Developer Tools Blocker swiftninjapro-inspect-element-console-blocker allows Cross Site Request Forgery.This issue affects Developer Tools Blocker: from n/a through = 3.2.1...
CVE-2025-58818 WordPress Developer Tools Blocker Plugin <= 3.2.1 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in SwiftNinjaPro Developer Tools Blocker swiftninjapro-inspect-element-console-blocker allows Cross Site Request Forgery.This issue affects Developer Tools Blocker: from n/a through = 3.2.1...
WordPress Developer Tools Blocker Plugin <= 3.2.1 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery CSRF Vulnerability discovered by Nabil Irawan in WordPress Plugin Developer Tools Blocker versions = 3.2.1...
PT-2025-36157
Name of the Vulnerable Software and Affected Versions: SwiftNinjaPro Developer Tools Blocker versions through 3.2.1 Description: The software contains a Cross-Site Request Forgery CSRF flaw. This allows attackers to perform actions on behalf of an authenticated user without their knowledge...
WordPress plugin Developer Tools Blocker 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
Due to URL previews in the network panel of developer tools improperly storing URLs, query parameters could potentially be used to overwrite global objects in privileged code. This vulnerability affects Firefox < 110.
...
HCL Compass 安全漏洞
HCL Compass is a low-code change management software from HCL India. Managing the full range of testing activities and integration with developer tools. HCL Compass suffers from a security vulnerability that stems from could lead to unauthorized access to the database by an attacker...
CVE-2025-55301
The Scratch Channel CVE-2025-55301 affects version 1 of The Scratch Channel (the news site) where localStorage can be manipulated via the browser DevTools to edit the account username locally. This is a client-side storage integrity issue occurring in version 1; it was addressed in version 1.1. T...