128 matches found
EUVD-2018-15437
Malware in sbrugna...
EUVD-2021-2093
Malware in sbrugna...
EUVD-2018-3852
Malware in sbrugna...
EUVD-2024-54497
Malicious code in bioql PyPI...
EUVD-2023-47941
Malicious code in bioql PyPI...
EUVD-2024-54495
Malicious code in bioql PyPI...
EUVD-2025-9896
Malicious code in bioql PyPI...
Security Bulletin: IBM Event Processing is vulnerable due to Incorrect Default Permissions (CVE-2025-30706)
Summary IBM Event Processing is vulnerable due to incorrect default permissions in the MySQL Connectors product specifically, Connector/J. This connector is used in IBM Event Processing to enable Java-based components to interact with MySQL databases for storing and retrieving event-related data...
Security Bulletin: IBM Event Processing is vulnerable to Improper Authentication
Summary IBM Event Processing's backend contains a version of JDBC driver that may allow unwanted connections. Vulnerability Details CVEID:CVE-2025-49146 DESCRIPTION: pgjdbc is an open source postgresql JDBC Driver. From 42.7.4 and until 42.7.7, when the PostgreSQL JDBC driver is configured with...
[SECURITY] Fedora 42 Update: libinput-1.28.903-1.fc42
libinput is a library that handles input devices for display servers and other applications that need to directly deal with input devices. It provides device detection, device handling, input device event processing and abstraction so minimize the amount of custom input code the user of libinput...
Security Bulletin: Multiple Vulnerabilities in IBM Event Processing
Summary Multiple vulnerabilities were addressed in IBM Event Processing version 1.4.1 Vulnerability Details CVEID:CVE-2025-27789 DESCRIPTION: Babel is a compiler for writing next generation JavaScript. When using versions of Babel prior to 7.26.10 and 8.0.0-alpha.17 to compile regular expression...
CVE-2022-50166
CVE-2022-50166 affects the Linux kernel Bluetooth HCI subsystem. When the HCI work queue is drained, a delayed command could still be queued to the drained workqueue, triggering a timeout in hci_cmd_timeout and a kernel warning. The root cause is the draining of the command/event/data processing ...
Security Bulletin: IBM Event Processing is vulnerable to an Authorization Bypass (CVE-2025-29927)
Summary IBM Event Processing is vulnerable to an Authorization Bypass due to the use of a Next.js component. Since Next.js can be used in the UI layer or API routing, unauthorized users may gain access to protected resources or functionalities, potentially compromising the system's integrity...
Security Bulletin: IBM Event Processing is vulnerable to Server-Side Request Forgery (SSRF) and credential leakage due to the axios package (CVE-2025-27152).
Summary IBM Event Processing is vulnerable to Server-Side Request Forgery SSRF and credential leakage due to the usage of axios package. The axios package is used in event processing to send or retrieve data via HTTP calls, enabling integration with external services or REST APIs during event...
CVE-2021-1024
In onEventReceived of EventResultPersister.java, there is a possible intent redirection due to a confused deputy. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android I...
CVE-2021-35119
Potential out of Bounds read in FIPS event processing due to improper validation of the length from the firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile...
CVE-2024-47217
An issue was discovered in Iglu Server 0.13.0 and below. It is similar to CVE-2024-47214, but involves an authenticated endpoint. It can render Iglu Server completely unresponsive. If the operation of Iglu Server is not restored, event processing in the pipeline would eventually halt...
CVE-2024-47213
An issue was discovered affecting Enrich 5.1.0 and below. It involves sending a maliciously crafted Snowplow event to the pipeline. Upon receiving this event and trying to validate it, Enrich crashes and attempts to restart indefinitely. As a result, event processing would be halted...
CVE-2024-47214
An issue was discovered in Iglu Server 0.13.0 and below. It is similar to CVE-2024-47212, but involves a different kind of malicious payload. As above, it can render Iglu Server completely unresponsive. If the operation of Iglu Server is not restored, event processing in the pipeline would...
CVE-2024-47217
An issue was discovered in Iglu Server 0.13.0 and below. It is similar to CVE-2024-47214, but involves an authenticated endpoint. It can render Iglu Server completely unresponsive. If the operation of Iglu Server is not restored, event processing in the pipeline would eventually halt...