236 matches found
EUVD-2023-33697
Malicious code in bioql PyPI...
EUVD-2025-21413
Malicious code in bioql PyPI...
EUVD-2024-42528
Malicious code in bioql PyPI...
EUVD-2025-19860
Malicious code in bioql PyPI...
EUVD-2024-50731
Malicious code in bioql PyPI...
EUVD-2025-20432
Malicious code in bioql PyPI...
EUVD-2025-20783
Malicious code in bioql PyPI...
EUVD-2024-25339
Malicious code in bioql PyPI...
EUVD-2023-2444
Malicious code in bioql PyPI...
EUVD-2025-15051
Malicious code in bioql PyPI...
EUVD-2022-3714
Malicious code in bioql PyPI...
EUVD-2023-34210
Malicious code in bioql PyPI...
Auth0 Wordpress plugin Does Not Properly Handle File Types in Bulk User Import
Overview In applications built with the Auth0-PHP SDK, the Bulk User Import endpoint does not validate the file path wrapper or value. Without proper validation, affected applications may accept arbitrary file paths or URLs. Am I affected? You are affected by this vulnerability if you meet the...
auth0-PHP SDK Does Not Properly Handle File Types in Bulk User Import
Overview In applications built with the Auth0-PHP SDK, the Bulk User Import endpoint does not validate the file path wrapper or value. Without proper validation, affected applications may accept arbitrary file paths or URLs. Am I affected? You are affected by this vulnerability if you meet the...
CVE-2025-58769
auth0-PHP is an SDK for Auth0 Authentication and Management APIs. In versions 3.3.0 through 8.16.0, the Bulk User Import endpoint in applications built with the SDK does not validate the file-path wrapper or value. Without proper validation, affected applications may accept arbitrary file paths o...
CVE-2025-58769 auth0-PHP: Improper File Type Handling in Bulk User Import
auth0-PHP is an SDK for Auth0 Authentication and Management APIs. In versions 3.3.0 through 8.16.0, the Bulk User Import endpoint in applications built with the SDK does not validate the file-path wrapper or value. Without proper validation, affected applications may accept arbitrary file paths o...
CVE-2025-58769 auth0-PHP: Improper File Type Handling in Bulk User Import
auth0-PHP is an SDK for Auth0 Authentication and Management APIs. In versions 3.3.0 through 8.16.0, the Bulk User Import endpoint in applications built with the SDK does not validate the file-path wrapper or value. Without proper validation, affected applications may accept arbitrary file paths o...
PT-2025-40296
Name of the Vulnerable Software and Affected Versions auth0-PHP versions 3.3.0 through 8.16.0 Description The Bulk User Import endpoint does not validate file path wrappers or values, potentially allowing acceptance of arbitrary file paths or URLs. This affects applications directly using the...
CVE-2025-10307 Backuply – Backup, Restore, Migrate and Clone <= 1.4.8 - Authenticated (Admin+) Arbitrary File Deletion
The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete backup functionality in all versions up to, and including, 1.4.8. This makes it possible for authenticated attackers, with...
CISA Thorium 安全漏洞
CISA Thorium is a highly scalable distributed malware analysis and data generation framework for the U.S. Cybersecurity and Infrastructure Security Administration CISA government division. A security vulnerability exists in CISA Thorium versions prior to 1.1.2 that stems from insufficient...