24 matches found
EUVD-2012-0020
Malware in sbrugna...
EUVD-2018-2991
Malware in sbrugna...
EUVD-2013-4156
Malware in sbrugna...
EUVD-2024-48899
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2019-10189
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in an assignment group could modify group overrides for other groups in the same...
CVE-2025-9263 Xuxueli xxl-job JobLogController.java getJobsByGroup resource injection
A vulnerability has been found in Xuxueli xxl-job up to 3.1.1. Affected by this vulnerability is the function getJobsByGroup of the file /src/main/java/com/xxl/job/admin/controller/JobLogController.java. Such manipulation of the argument jobGroup leads to improper control of resource identifiers...
CVE-2025-5185
A vulnerability was found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. Upgrading to...
CVE-2024-8042
Rapid7 Insight Platform versions between November 2019 and August 14, 2024 suffer from missing authorization issues whereby an attacker can intercept local requests to set the name and description of a new user group. This could potentially lead to an empty user group being added to the incorrect...
CVE-2024-48450
An arbitrary file upload vulnerability in Huly Platform v0.6.295 allows attackers to execute arbitrary code via uploading a crafted HTML file into chat group...
CVE-2022-49411
In the Linux kernel, the following vulnerability has been resolved: bfq: Make sure bfqg for which we are queueing requests is online Bios queued into BFQ IO scheduler can be associated with a cgroup that was already offlined. This may then cause insertion of this bfqgroup into a service tree. But...
Warehouse Inventory System Security Vulnerability
Warehouse Inventory System is a Warehouse Inventory Management System by Siamon Hasan Personal Developer. A cross-site request forgery vulnerability exists in Warehouse Inventory System v2.0, which stems from the editgroup.php component not adequately verifying that a request comes from a trusted...
CVE-2022-3162 Unauthorized read of Custom Resources
Users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group without authorization. Clusters are impacted by this vulnerability if all of the following are true: 1. There are 2+ CustomResourceDefinitions...
MTN Group: No rate limit in OTP code sending
The submission describes a vulnerability in the OTP (One-Time Password) code sending functionality of the MTN Play website. The vulnerability allows an attacker to send an unlimited number of OTP codes without any rate limiting, potentially flooding the victim's mobile inbox. The vulnerability was...
SUSE-SU-2022:1853-1 Security update for wpa_supplicant
This update for wpa_supplicant fixes the following issues: - CVE-2022-23303, CVE-2022-23304: Fixed SAE/EAP-pwd side-channel attacks bsc1194732, bsc1194733 - CVE-2021-0326: Fixed P2P group information processing vulnerability bsc1181777 - Fix systemd device ready dependencies in...
CVE-2022-29585
CVE-2022-29585 affects Mahara versions prior to 20.10.5, 21.04.4, 21.10.2, and 22.04.0. The issue arises in sites using Isolated Institutions where, when more than ten groups are used, all groups are listed on page 2 of the group results instead of only those belonging to the viewer’s institution...
CVE-2021-30943
An issue in the handling of group membership was resolved with improved logic. This issue is fixed in iOS 15.2 and iPadOS 15.2, watchOS 8.3, macOS Monterey 12.1. A malicious user may be able to leave a messages group but continue to receive messages in that group...
OPENSUSE-SU-2021:0284-1 Security update for wpa_supplicant
This update for wpa_supplicant fixes the following issues: - CVE-2021-0326: P2P group information processing vulnerability bsc1181777. This update was imported from the SUSE:SLE-15:Update update project...
The vulnerability of the `check_group` function in the elflint.c library of the ELF file modification and analysis utility Elfutils, related to the occurrence of operations outside the buffer’s boundaries, allows a malicious actor to trigger a service failure.
The vulnerability of the `check_group` function in the elflint.c library of the ELF file modification and analysis utility Elfutils relates to the execution of a read operation beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to cause a service failure through...
Unspecified Vulnerability in GNU Binutils (CNVD-2019-22416)
GNU Binutils (GNU Binary Utilities, or binutils) is a set of programming language utility programs developed by the GNU Project. The programs are primarily designed to work with target files in a variety of formats, and provide connectors, assemblers, and other tools for target files and archives. Th...
Zimbra Collaboration Suite Cross-Site Scripting Vulnerability (CNVD-2018-10867)
Zimbra Collaboration Suite (ZCS) is an open source collaboration suite from Zimbra, Inc. that includes WebMail, Calendar, Address Book, etc. Zimbra Web Client (ZWC) is one of the Web-based client applications. A cross-site scripting vulnerability exists in ZWC in versions 8.8 prior to Zimbra ZCS...