EUVD-2022-5034

Malicious code in bioql PyPI...

CVE-2023-44122

The vulnerability is to theft of arbitrary files with system privilege in the LockScreenSettings "com.lge.lockscreensettings" app in the "com/lge/lockscreensettings/dynamicwallpaper/MyCategoryGuideActivity.java" file. The main problem is that the app launches implicit intents that can be...

GHSA-QVHF-3567-PC4V Sandbox bypass vulnerability in Script Security Plugin

Sandbox protection in Script Security Plugin 1.70 and earlier can be circumvented through: - Crafted constructor calls and bodies due to an incomplete fix of SECURITY-582 - Crafted method calls on objects that implement GroovyInterceptable This allows attackers able to specify and run sandboxed...

CVE-2020-20128

LaraCMS v1.0.1 transmits sensitive information in cleartext which can be intercepted by attackers...

jenkins-script-security-plugin: sandbox protection bypass leads to arbitrary code execution

Sandbox protection in Jenkins Script Security Plugin 1.70 and earlier could be circumvented through crafted method calls on objects that implement GroovyInterceptable...

PT-2020-15343 · Jenkins · Jenkins Script Security Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Script Security Plugin versions 1.70 and earlier Description: The sandbox protection in the Jenkins Script Security Plugin could be circumvented through crafted constructor calls and bodies, as well as crafted method calls on objects...