Allocation of Resources Without Limits or Throttling

Overview zae-limiter is a Rate limiting library backed by DynamoDB with token bucket algorithm Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the acquire function. An attacker can cause elevated latency and rejected requests for...

CVE-2026-25814

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, User-controlled query parameters are passed directly into DynamoDB query/filter construction without validation or sanitization...

CVE-2026-25814 NoSQL Injection Risk via Unsanitized Query Parameters

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, User-controlled query parameters are passed directly into DynamoDB query/filter construction without validation or sanitization...

PlaciPy 注入漏洞

PlaciPy is an open-source employment management system developed by Praskla Technology. It aims to simplify the employment processes for students, trainers, and managers in educational institutions. Version 1.0.0 of PlaciPy contains a vulnerability that stems from unvalidated or unchecked...

CVE-2023-34085

When an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the attributes of another user using a maliciously crafted request...

Malicious code in Bе.Vlaandеren.Basisrеgisters.NisCodeService.DуnamoDb (NuGet)

--- -= Per source details. Do not edit below this line.=-...