EUVD-2022-3151

Malicious code in bioql PyPI...

EUVD-2022-4274

Malicious code in bioql PyPI...

Echor Ruby Gem credentials can be stolen via process table monitoring

The performrequest function in /lib/echor/backplane.rb in echor 0.1.6 Ruby Gem allows local users to steal the login credentials by watching the process table...

GHSA-J4GX-P3X5-M987 Echor Ruby Gem credentials can be stolen via process table monitoring

The performrequest function in /lib/echor/backplane.rb in echor 0.1.6 Ruby Gem allows local users to steal the login credentials by watching the process table...

Echor contains Command Injection

The performrequest function in /lib/echor/backplane.rb in echor 0.1.6 Ruby Gem allows local users to inject arbitrary code by adding a semi-colon in their username or password...

GHSA-8936-CGJ4-PHR2 Echor contains Command Injection

The performrequest function in /lib/echor/backplane.rb in echor 0.1.6 Ruby Gem allows local users to inject arbitrary code by adding a semi-colon in their username or password...

RubyGems echor 'backplane.rb' remote command injection vulnerability

RubyGems echor is a Ruby-based Echo application developed by software developer Pedro Del Gallego. A remote command injection vulnerability exists in RubyGems echor, which stems from the program failing to adequately filter user-submitted input data. An attacker could use this vulnerability to...

RubyGems echor Plaintext Credential Local Information Disclosure Vulnerability

RubyGems echor is a Ruby-based Echo application developed by software developer Pedro Del Gallego. A local information disclosure vulnerability exists in RubyGems echor Plaintext Credential. A local attacker can exploit this vulnerability to obtain sensitive information such as credentials...

CVE-2014-1835

The performrequest function in /lib/echor/backplane.rb in echor 0.1.6 Ruby Gem allows local users to steal the login credentials by watching the process table...

Default credentials

The performrequest function in /lib/echor/backplane.rb in echor 0.1.6 Ruby Gem allows local users to inject arbitrary code by adding a semi-colon in their username or password...

Denial of service

The performrequest function in /lib/echor/backplane.rb in echor 0.1.6 Ruby Gem allows local users to steal the login credentials by watching the process table...

CVE-2014-1834

The performrequest function in /lib/echor/backplane.rb in echor 0.1.6 Ruby Gem allows local users to inject arbitrary code by adding a semi-colon in their username or password...

CVE-2014-1834

The CVE-2014-1834 entry concerns the echor 0.1.6 Ruby Gem (backplane.rb) where the perform_request function allows local users to inject arbitrary commands by inserting a semicolon into their username or password. The root cause is insufficient input handling for user-supplied credentials, enabli...

CVE-2014-1835

CVE-2014-1835 affects the echor Ruby Gem (version 0.1.6) with a vulnerable perform_request implementation in /lib/echor/backplane.rb. This local-information-disclosure flaw allows an unprivileged local user to monitor the process table and obtain plaintext login credentials. The CVSS data in the ...

CVE-2014-1835

The performrequest function in /lib/echor/backplane.rb in echor 0.1.6 Ruby Gem allows local users to steal the login credentials by watching the process table...

echor Gem for Ruby Process Listing Local Plaintext Credential Disclosure

echor Gem for Ruby contains a flaw that is due to the program exposing credential information in the system process listing. This may allow a local attacker to gain access to plaintext credential information...

echor Gem for Ruby backplane.rb perform_request Function Arbitrary Command Execution

Echor Gem for Ruby contains a flaw in backplane.rb in the performrequest function that is triggered when a semi-colon ; is injected into a username or password. This may allow a context-dependent attacker to inject arbitrary commands if the gem is used in a rails application...