417 matches found
EUVD-2023-2217
Malicious code in bioql PyPI...
EUVD-2023-2927
Malicious code in bioql PyPI...
EUVD-2025-24054
Malicious code in bioql PyPI...
EUVD-2024-54894
Malicious code in bioql PyPI...
EUVD-2022-1969
Malicious code in bioql PyPI...
Widespread npm Supply Chain Attack: Breaking Down Impact & Scope Across Debug, Chalk, and Beyond
A deeper look at the npm debug/chalk supply-chain incident: deobfuscating the wallet-hijacking browser interceptor, quantifying the 2-hour exposure with Wiz telemetry (99% package prevalence, 10% malware presence), and unpacking what made it spread so fast...
CVE-2025-50900
An issue was discovered in getrebuild/rebuild 4.0.4. The affected source code class is com.rebuild.web.RebuildWebInterceptor, and the affected function is preHandle. In the filter code, use CodecUtils.urlDecode(request.getRequestURI()) to obtain the URL-decoded request path, and then determine whether...
Linux Distros Unpatched Vulnerability : CVE-2025-49140
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Pion Interceptor is a framework for building RTP/RTCP communication software. Versions v0.1.36 through v0.1.38 contain a bug in an RTP packet factory that can be...
PT-2025-34664 · Getrebuild · Rebuild
Name of the Vulnerable Software and Affected Versions: getrebuild/rebuild version 4.0.4. Description: An issue exists in the com.rebuild.web.RebuildWebInterceptor class, specifically within the preHandle function. The code uses CodecUtils.urlDecode(request.getRequestURI()) to decode the request path a...
CVE-2025-50900
CVE-2025-50900 affects getrebuild/rebuild 4.0.4. The issue resides in com.rebuild.web.RebuildWebInterceptor.preHandle, where the filter decodes the request URI and checks if the path ends with /error. If it does not, the code redirects to /user/login, potentially allowing an unauthenticated attac...
CVE-2024-57152
Incorrect access control in the preHandle function of my-site v1.0.2 allows attackers to access sensitive components without authentication via the cn.luischen.interceptor.BaseInterceptor class...
CVE-2024-57152
Summary: CVE-2024-57152 affects my-site v1.0.2 due to incorrect access control in the preHandle function of the cn.luischen.interceptor.BaseInterceptor class, enabling unauthenticated access to sensitive components. The CVSS v3.1 base score is 7.5 (HIGH); attack vector is NETWORK, with LOW attack...
PT-2025-34146 · My-Site · My-Site
Name of the Vulnerable Software and Affected Versions: my-site version 1.0.2. Description: Incorrect access control in the preHandle function allows attackers to access sensitive components without authentication via the cn.luischen.interceptor.BaseInterceptor class. Recommendations: Update to a...
Linux Distros Unpatched Vulnerability : CVE-2022-32091
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - MariaDB v10.7 was discovered to contain a use-after-poison in __interceptor_memset at /libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc...