22 matches found
cc.chensoul.nacos:nacos-distribution (=2.5.2), cn.sparrowmini:sparrow-org-service (=0.0.1) +625 more potentially affected by CVE-2026-22746 via org.springframework.security:spring-security-core (>=5.8.0 <=5.8.2)
org.springframework.security:spring-security-core MAVEN version =5.8.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =5.12.0, =5.12.0, =1.48.0, =1.48.0, =1.48.0, =2.4.0, =2.4.0, =2.4.0, =2.6.0 and more Source cves: CVE-2026-22746 Source advisory: OSV:GHSA-VXF7-QJ7Q-83FH...
cc.chensoul.nacos:nacos-distribution (=2.5.2), com.buession.security:buession-security-spring (>=3.0.0 <=3.0.1) +521 more potentially affected by CVE-2026-22732 via org.springframework.security:spring-security-web (>=5.8.0 <=5.8.16)
org.springframework.security:spring-security-web MAVEN version =5.8.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =5.12.0, =5.12.0, =1.48.0, =1.48.0, =1.48.0, =2.4.0, =2.4.0, =2.4.0, =4.5.0, =4.5.0, =4.5.1 and more Source cves: CVE-2026-22732 Source advisory: OSV:GHSA-MF92-479X-3373...
EUVD-2022-4776
Malicious code in bioql PyPI...
com.erudika:para-jar (>=1.30.0 <=1.50.7), com.erudika:para-war (>=1.24.4 <=1.49.5) potentially affected by CVE-2025-49009 via com.erudika:para-server (>=1.24.4 <=1.50.7)
com.erudika:para-server MAVEN version =1.24.4, =1.30.0, =1.24.4, =1.49.5 Source cves: CVE-2025-49009 Source advisory: OSV:GHSA-QX7G-FX8Q-545G...
com.erudika:para-jar (>=1.30.0 <=1.50.7), com.erudika:para-war (>=1.24.4 <=1.49.5) potentially affected by CVE-2025-49009 via com.erudika:para-server (>=1.24.4 <=1.50.7)
com.erudika:para-server MAVEN version =1.24.4, =1.30.0, =1.24.4, =1.49.5 Source cves: CVE-2025-49009 Source advisory: SNYK:JAVA-COMERUDIKA-10304840...
CVE-2022-1848
Business Logic Errors in GitHub repository erudika/para prior to 1.45.11...
CVE-2022-1848
Business Logic Errors in GitHub repository erudika/para prior to 1.45.11...
CVE-2022-1848
Business Logic Errors in GitHub repository erudika/para prior to 1.45.11...
Code injection
Business Logic Errors in GitHub repository erudika/para prior to 1.45.11...
CVE-2022-1848
CVE-2022-1848 affects the Erudika Para project prior to version 1.45.11. Multiple connected sources describe a business logic error, including a race condition in com.erudika:para-core (validateObject) that can allow a user to abuse account/app-related logic. This is documented across sources (Gi...
CVE-2022-1848 Business Logic Errors in erudika/para
Business Logic Errors in GitHub repository erudika/para prior to 1.45.11...
CVE-2022-1848 Business Logic Errors in erudika/para
Business Logic Errors in GitHub repository erudika/para prior to 1.45.11...
Erudika Para 安全漏洞
Erudika Para is a command line interface from Erudika Bulgaria. A security vulnerability exists in Erudika Para prior to version 1.45.11 that stems from a business logic error...
Erudika Para Cross-Site Scripting Vulnerability
Erudika Para is a command-line interface from the Bulgarian company Erudika. cross-site scripting vulnerability exists in versions prior to Erudika Para v1.45.11, which stems from a function in Utils.java that lacks filtering and escaping for user data. An attacker could use this vulnerability to...
Cross-site Scripting in com.erudika:para-core
Cross-site Scripting XSS - Generic in GitHub repository erudika/para prior to v1.45.11...
GHSA-PHVW-R25P-8XV7 Cross-site Scripting in com.erudika:para-core
Cross-site Scripting XSS - Generic in GitHub repository erudika/para prior to v1.45.11...
CVE-2022-1782
Cross-site Scripting XSS - Generic in GitHub repository erudika/para prior to v1.45.11...
Cross site scripting
Cross-site Scripting XSS - Generic in GitHub repository erudika/para prior to v1.45.11...
CVE-2022-1782 Cross-site Scripting (XSS) - Generic in erudika/para
Cross-site Scripting XSS - Generic in GitHub repository erudika/para prior to v1.45.11...
CVE-2022-1782
CVE-2022-1782 affects the GitHub repo erudika/para, with a Cross-site Scripting (XSS) vulnerability in versions prior to v1.45.11. The root cause is described as a data handling flaw in the code path (Utils.java) that fails to filter/escape user input, enabling an attacker to inject JavaScript. I...