24 matches found
CVE-2026-35462
Papra is a minimalistic document management and archiving platform. Prior to 26.4.0, API keys with an expiresAt date are never validated against the current time during authentication. Any API key — regardless of its expiration date — is accepted indefinitely, allowing a user whose key has expire...
Malicious Package
Overview react-expiry-date is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
PT-2026-1563
Name of the Vulnerable Software and Affected Versions MoneySpace plugin for WordPress versions prior to 2.13.9 Description The MoneySpace plugin for WordPress exhibits a sensitive information exposure issue. The plugin stores complete payment card details – including Primary Account Number PAN,...
[SECURITY] [DLA 4403-1] tzdata new timezone database
------------------------------------------------------------------------- Debian LTS Advisory DLA-4403-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort December 12, 2025 https://wiki.debian.org/LTS -...
EUVD-2025-31736
Malicious code in bioql PyPI...
CVE-2025-52050
In Frappe ERPNext 15.57.5, the function getloyaltyprogramdetailswithpoints at erpnext/accounts/doctype/loyaltyprogram/loyaltyprogram.py is vulnerable to SQL Injection, which allows an attacker to extract all information from databases by injecting a SQL query into the expirydate parameter...
CVE-2025-52050
In Frappe ERPNext 15.57.5, the function getloyaltyprogramdetailswithpoints at erpnext/accounts/doctype/loyaltyprogram/loyaltyprogram.py is vulnerable to SQL Injection, which allows an attacker to extract all information from databases by injecting a SQL query into the expirydate parameter...
PT-2025-39992
Name of the Vulnerable Software and Affected Versions Frappe ERPNext version 15.57.5 Description The get loyalty program details with points function located at erpnext/accounts/doctype/loyalty program/loyalty program.py is susceptible to SQL Injection. An attacker can inject a SQL query into the...
CVE-2025-52050
In Frappe ERPNext 15.57.5, the function getloyaltyprogramdetailswithpoints at erpnext/accounts/doctype/loyaltyprogram/loyaltyprogram.py is vulnerable to SQL Injection, which allows an attacker to extract all information from databases by injecting a SQL query into the expirydate parameter...
CVE-2025-52050
CVE-2025-52050 affects Frappe ERPNext 15.57.5. The vulnerability is in function get_loyalty_program_details_with_points() (loyalty_program.py) and is caused by SQL injection via the expiry_date parameter, allowing an attacker to extract all information from databases. The connected documents prov...
CVE-2025-52050
In Frappe ERPNext 15.57.5, the function getloyaltyprogramdetailswithpoints at erpnext/accounts/doctype/loyaltyprogram/loyaltyprogram.py is vulnerable to SQL Injection, which allows an attacker to extract all information from databases by injecting a SQL query into the expirydate parameter...
Frappe Technologies Frappe 安全漏洞
Frappe Technologies Frappe is a Python, Mariadb-based web development framework with integrated front-end pages from Frappe Technologies, India. A security vulnerability exists in Frappe Technologies Frappe version 15.57.5, which stems from insufficient validation of the expirydate parameter and...
CVE-2025-52050
In Frappe ERPNext 15.57.5, the function getloyaltyprogramdetailswithpoints at erpnext/accounts/doctype/loyaltyprogram/loyaltyprogram.py is vulnerable to SQL Injection, which allows an attacker to extract all information from databases by injecting a SQL query into the expirydate parameter...
MAL-2025-5051 Malicious code in react-expiry-date (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 744273ea7bca5335d9f20514a81c835c0cad1558b2b206721aed050a41f0acea Any computer that has this package installed or running should be considered...
Malicious code in react-expiry-date (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 744273ea7bca5335d9f20514a81c835c0cad1558b2b206721aed050a41f0acea Any computer that has this package installed or running should be considered...
Error: The CSS expiry date in your license does not support this product version
After upgrading XenDesktop, error can be seen in Studio: "The Customer Success Services CSS expiry date in your license does not support this product version. This product version is not supported by licenses that are available on the License Server and connections cannot be made. Renew Customer...
PhonePe Information Disclosure Vulnerability
PhonePe wallet a.k.a. com.PhonePe.app application for Android is an Android-based cashless payment application by Phonepe Private India. A security vulnerability exists in versions 3.0.6 through 3.3.26 of the PhonePe Wallet application for Android-based platforms. The vulnerability can be exploit...
CVE-2018-17402
The PhonePe wallet aka com.PhonePe.app application 3.0.6 through 3.3.26 for Android might allow attackers to discover the Credit/Debit card number, expiration date, and CVV number. NOTE: the vendor says that, to exploit this, the user has to explicitly install a malicious app and provide...
op5 Monitor Persistent Session Cookie
The remote web server has a version of op5 Monitor that improperly handles session cookies. The application sets an expiry date on cookies, causing logins to persist across sessions. Additionally, cookies are not reissued after login. Note that most versions affected by this vulnerability are als...
ROS-2-2878
2.2878 Notification on the update of the Red OS OPERATIONAL SYSTEM MIS RED SOFT LLC notifies of the extension of the validity of the previously obtained FSTEC of Russia Certificate of Conformity No. 4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You c...