EUVD-2022-4274

Malicious code in bioql PyPI...

EUVD-2022-3151

Malicious code in bioql PyPI...

Echor Ruby Gem credentials can be stolen via process table monitoring

The performrequest function in /lib/echor/backplane.rb in echor 0.1.6 Ruby Gem allows local users to steal the login credentials by watching the process table...

GHSA-J4GX-P3X5-M987 Echor Ruby Gem credentials can be stolen via process table monitoring

The performrequest function in /lib/echor/backplane.rb in echor 0.1.6 Ruby Gem allows local users to steal the login credentials by watching the process table...

Echor contains Command Injection

The performrequest function in /lib/echor/backplane.rb in echor 0.1.6 Ruby Gem allows local users to inject arbitrary code by adding a semi-colon in their username or password...

GHSA-8936-CGJ4-PHR2 Echor contains Command Injection

The performrequest function in /lib/echor/backplane.rb in echor 0.1.6 Ruby Gem allows local users to inject arbitrary code by adding a semi-colon in their username or password...

RubyGems echor Plaintext Credential Local Information Disclosure Vulnerability

RubyGems echor is a Ruby-based Echo application developed by software developer Pedro Del Gallego. A local information disclosure vulnerability exists in RubyGems echor Plaintext Credential. A local attacker can exploit this vulnerability to obtain sensitive information such as credentials...

RubyGems echor 'backplane.rb' remote command injection vulnerability

RubyGems echor is a Ruby-based Echo application developed by software developer Pedro Del Gallego. A remote command injection vulnerability exists in RubyGems echor, which stems from the program failing to adequately filter user-submitted input data. An attacker could use this vulnerability to...

Default credentials

The performrequest function in /lib/echor/backplane.rb in echor 0.1.6 Ruby Gem allows local users to inject arbitrary code by adding a semi-colon in their username or password...

Denial of service

The performrequest function in /lib/echor/backplane.rb in echor 0.1.6 Ruby Gem allows local users to steal the login credentials by watching the process table...

CVE-2014-1835

The performrequest function in /lib/echor/backplane.rb in echor 0.1.6 Ruby Gem allows local users to steal the login credentials by watching the process table...

CVE-2014-1834

The performrequest function in /lib/echor/backplane.rb in echor 0.1.6 Ruby Gem allows local users to inject arbitrary code by adding a semi-colon in their username or password...

CVE-2014-1835

The performrequest function in /lib/echor/backplane.rb in echor 0.1.6 Ruby Gem allows local users to steal the login credentials by watching the process table...

CVE-2014-1835

CVE-2014-1835 affects the echor Ruby Gem (version 0.1.6) with a vulnerable perform_request implementation in /lib/echor/backplane.rb. This local-information-disclosure flaw allows an unprivileged local user to monitor the process table and obtain plaintext login credentials. The CVSS data in the ...

CVE-2014-1834

The CVE-2014-1834 entry concerns the echor 0.1.6 Ruby Gem (backplane.rb) where the perform_request function allows local users to inject arbitrary commands by inserting a semicolon into their username or password. The root cause is insufficient input handling for user-supplied credentials, enabli...

echor Gem for Ruby Process Listing Local Plaintext Credential Disclosure

echor Gem for Ruby contains a flaw that is due to the program exposing credential information in the system process listing. This may allow a local attacker to gain access to plaintext credential information...

echor Gem for Ruby backplane.rb perform_request Function Arbitrary Command Execution

Echor Gem for Ruby contains a flaw in backplane.rb in the performrequest function that is triggered when a semi-colon ; is injected into a username or password. This may allow a context-dependent attacker to inject arbitrary commands if the gem is used in a rails application...