EUVD-2021-30961

Malicious code in bioql PyPI...

Unsafe Dependency Resolution

Overview conda-forge-metadata is a programatic access to conda-forge's metadata Affected versions of this package are vulnerable to Unsafe Dependency Resolution due to an unclaimed optional dependency. The package specifies an optional dependency on conda-oci-mirror, which is neither present on t...

PT-2024-15254 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: The issue is marked as a duplicate and is no longer used. No further details are provided about the nature of the issue or its potential impact...

CVE-2024-2503 Exclusive Addons for Elementor <= 2.6.9.2 - Authenticated(Contributor+) Stored Cross-Site Scripting via Post Grid

The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Post Grid Widget in all versions up to, and including, 2.6.9.2 due to insufficient input sanitization and output escaping on user supplied tags. This makes it possible for authenticated...

CVE-2023-46267

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-5631. Reason: This candidate is a duplicate of CVE-2023-5631. Notes: All CVE users should reference CVE-2023-5631 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

CVE-2023-2078 Buy Me a Coffee – Button and Widget Plugin <= 3.7 - Missing Authorization

The "Buy Me a Coffee – Button and Widget Plugin" plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the recievepost, bmcdisconnect, namepost, and widgetpost functions in versions up to, and including, 3.7. This makes it possible for...

CVE-2020-20703

Buffer Overflow vulnerability in VIM v.8.1.2135 allows a remote attacker to execute arbitrary code via the operand parameter...

SUSE CVE-2023-34255

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-2124. Reason: This candidate is a duplicate of CVE-2023-2124. Notes: All CVE users should reference CVE-2023-2124 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage...

SUSE CVE-2018-4700

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-4300. Reason: This candidate is a duplicate of CVE-2018-4300. Notes: All CVE users should reference CVE-2018-4300 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage...

CL - throttle

Duplicate of 46 --- The text was updated successfully, but these errors were encountered: All reactions...

SingleNativeTokenExitV2 doesn't take input deadline to consideration

Handle kenzo Vulnerability details SingleNativeTokenExitV2 takes as input from the user a deadline for the trades. However, it does not use this input for the actual trade but sets the deadline to be block.timestamp. Impact Trades will not work as expected. User might set a deadline for the trade...

Cross-site Request Forgery (CSRF)

Amendment This issue was found to be a duplicate. The original vulnerability with details can be found here...

NewStart CGSL CORE 5.04 / MAIN 5.04 : cups Multiple Vulnerabilities (NS-SA-2020-0067)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has cups packages installed that are affected by multiple vulnerabilities: - In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions. CVE-2018-4180, CVE-2018-418...

Microsoft Windows Contact File Format Arbitary Code Execution

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw is due to the processing of ".contact...

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-10242. Reason: This candidate is a reservation duplicate of CVE-2016-10242. Notes: All CVE users should reference CVE-2016-10242 instead of this candidate. All references and descriptions in this candidate have been removed t...

CVE-2018-14032

REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-11206. Reason: This candidate is a reservation duplicate of CVE-2018-11206. Notes: All CVE users should reference CVE-2018-11206 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

Inflection: HTTP Host Header Injection on app.goodhire.com

Researcher reported an issue that was previously reported by a different researcher and subsequently removed from program scope and then requested that we publicly disclose the report after closing it as a duplicate...

Inflection: Goodhire Open Redirect

Researcher reported a duplicate issue...

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-8317. Reason: This candidate is a reservation duplicate of CVE-2015-8317. Notes: All CVE users should reference CVE-2015-8317 instead of this candidate. All references and descriptions in this candidate have been removed to...

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-5196. Reason: This candidate is a reservation duplicate of CVE-2014-5196. Notes: All CVE users should reference CVE-2014-5196 instead of this candidate. All references and descriptions in this candidate have been removed to...