EUVD-2025-17592

Malicious code in bioql PyPI...

Apache InLong Deserialization Vulnerability (CNVD-2025-15707)

Apache InLong is the U.S. Apache Apache Foundation's one-stop massive data integration framework. Provides automated, secure and reliable data transfer capabilities. A deserialization vulnerability exists in Apache InLong versions prior to 1.13.0 to 2.1.0. The vulnerability stems from unsafe...

SAP Business One Integration Framework Access Control Error Vulnerability

SAP Business One Integration Framework is an integration solution for growing organizations. An access control error vulnerability exists in SAP Business One Integration Framework, which stems from insufficient security settings checking, and can be exploited by an attacker to cause a bypass 403...

Apache InLong Security Bypass Vulnerability (CNVD-2026-00041)

Apache InLong is the U.S. Apache Apache Foundation's one-stop massive data integration framework. Provides automated, secure and reliable data transfer capabilities. Apache InLong suffers from a security bypass vulnerability, which is caused by an insecure deserialization flaw. An attacker exploi...

Apache InLong Deserialization Vulnerability (CNVD-2025-12411)

Apache InLong is the U.S. Apache Apache Foundation's one-stop massive data integration framework. Provides automated, secure and reliable data transfer capabilities. Apache InLong versions 1.13.0 to 2.1.0 has a deserialization vulnerability , the vulnerability stems from the application in the...

SAP Business One Integration Framework 访问控制错误漏洞

SAP Business One Integration Framework is an integration solution for growing organizations. An access control error vulnerability exists in SAP Business One Integration Framework, which stems from insufficient security settings checking, and can be exploited by an attacker to cause a bypass 403...

Vulnerability Management Chaining: an Integrated Framework for Efficient Cybersecurity Risk Prioritization

Cybersecurity teams face an overwhelming vulnerability crisis: with 25,000+ new CVEs disclosed annually, traditional CVSS-based prioritization requires addressing 60% of all vulnerabilities while correctly identifying only 20% of those actually exploited. We propose Vulnerability Management...

Apache InLong Code Injection Vulnerability (CNVD-2024-35666)

Apache InLong is the U.S. Apache Apache Foundation's one-stop massive data integration framework. Provides automated, secure and reliable data transfer capabilities. A code injection vulnerability exists in Apache InLong versions 1.10.0 through 1.12.0, which can be exploited by an attacker to cau...

Apache InLong Authorization Issues Vulnerability

Apache InLong is the United States Apache Apache Foundation's one-stop massive data integration framework. An authorization issue vulnerability exists in Apache InLong versions 1.2.0 through 1.6.0. The vulnerability stems from improper privilege management. An attacker can exploit the vulnerabili...

Apache InLong Security Bypass Vulnerability (CNVD-2023-42960)

Apache InLong is the United States Apache Apache Foundation's one-stop massive data integration framework. A security bypass vulnerability exists in Apache InLong versions 1.4.0 through 1.6.0. An attacker can exploit the vulnerability to change the immutable name and type of an InLong cluster...

Apache InLong Elevation of Privilege Vulnerability

Apache InLong is the U.S. Apache Apache Foundation's one-stop massive data integration framework. An elevation of privilege vulnerability exists in Apache InLong versions 1.2.0 through 1.6.0, which can be exploited by an attacker to elevate privileges...

Malicious Package

Overview integration-framework is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

MAL-2022-3857 Malicious code in integration-framework (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eab96423a267bad86afc0855732ba4c4d79dd8a3532d34337c43268c57dcadd9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Apache Gobblin Trust Management Issue Vulnerability

Apache Gobblin is a distributed data integration framework from the Apache Foundation USA. Used to simplify common aspects of big data integration, Apache Gobblin is vulnerable to a trust management issue that stems from Apache Gobblin trusting all certificates used for LDAP connections in...

Apache Gobblin 信任管理问题漏洞

Apache Gobblin is a distributed data integration framework from the Apache Foundation USA. Used to simplify common aspects of big data integration, Apache Gobblin is vulnerable to a trust management issue that stems from Apache Gobblin trusting all certificates used for LDAP connections in...

SAP Process Integration 资源管理错误漏洞

SAP Process Integration is a middleware provided by SAP Germany that enables SAP to seamlessly integrate with non-SAP applications in the company or with systems external to the company. A privilege permission and access control issue vulnerability exists in SAP Process Integration versions 7.10,...