8 matches found
EUVD-2024-43807
Malicious code in bioql PyPI...
CVE-2025-50100
...
ROS-20250424-09
The vulnerability in Google Chrome and Microsoft Edge browsers is related to the possibility of memory usage after a release. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality, integrity, and availability of protected information. confidentiality,...
CVE-2025-21498
...
Improper Access Control in liukuo362573/yishaadmin
Description https://www.github.com/liukuo362573/yishaadmin has an endpoint "/admin/File/UploadFile" that allows uploading files without authentication. Root-cause Server doesn't check user's permission when attacker access the endpoint. After that, server will directly call UploadFile function wi...
Adequate Attack Data and Threat Information Sharing No Longer a Luxury
BOSTON – While some industry groups such as the Financial Services Information Sharing and Analysis Center FS-ISAC and cross-industry groups such as the Advanced Cyber Security Center ACSC facilitate the exchange of threat information, for the most part organizations are still hamstrung by legal...
Nonexistent Page (404) Physical Path Disclosure
The remote web server reveals the physical path of the webroot when a nonexistent page is requested. While printing errors to the output is useful for debugging applications, this feature should be disabled on production servers. C Tenable Network Security, Inc. Vulnerable servers: Pi3Web/2.0.0...
CVE-2014-0194
...