EUVD-2021-29003

Malicious code in bioql PyPI...

SUSE CVE-2023-28161

If temporary "one-time" permissions, such as the ability to use the Camera, were granted to a document loaded using a file: URL, that permission persisted in that tab for all other documents loaded from a file: URL. This is potentially dangerous if the local files came from different sources, suc...

XSS in button home page

Description vuln was find in File/Documents/Home , any button in page Proof of Concept 1. Login in URL : https://demo.pimcore.fun/admin 2. Go to File - Open Documents - Home 3. click any button in page - Edit Link 4. in tab Advanced, inject payload to : Attributes key="value" For more understandi...

Siemens Mendix Information Disclosure Vulnerability

A security vulnerability exists in Siemens Mendix, a low-code application development platform from Siemens, Germany. The vulnerability stems from the fact that applications built with the affected version of Mendix Studio Pro do not prevent the caching of file documents when opening or downloadi...

Input validation

A vulnerability has been identified in Mendix Applications using Mendix 7 All versions V7.23.26, Mendix Applications using Mendix 8 All versions V8.18.12, Mendix Applications using Mendix 9 All versions V9.6.1. Applications built with affected versions of Mendix Studio Pro do not prevent file...

CVE-2021-42015

The CVE affects Mendix-based applications: Mendix 7 (all versions before 7.23.26), Mendix 8 (before 8.18.12), and Mendix 9 (before 9.6.1). Applications built with affected Mendix Studio Pro do not prevent file documents from being cached by a browser when opened or downloaded, enabling a local at...