98 matches found
EUVD-2025-22740
Malicious code in bioql PyPI...
EUVD-2023-38702
Malicious code in bioql PyPI...
EUVD-2024-47005
Malicious code in bioql PyPI...
CVE-2025-9581
A vulnerability was detected in Comfast CF-N1 2.6.0. This impacts the function multipppoe of the file /usr/bin/webmgnt. Performing manipulation of the argument phyinterface results in command injection. The attack may be initiated remotely. The exploit is now public and may be used...
CVE-2025-55287
Genealogy is a family tree PHP application. Prior to 4.4.0, Authenticated Stored Cross-Site Scripting XSS vulnerability was identified in the Genealogy application. Authenticated attackers could run arbitrary JavaScript in another user’s session, leading to session hijacking, data theft, and UI...
CVE-2025-55288
Genealogy is a family tree PHP application. Prior to 4.4.0, Authenticated Reflected Cross-Site Scripting XSS vulnerability was identified in the Genealogy application. Authenticated attackers could run arbitrary JavaScript in another user’s session, leading to session hijacking, data theft, and U...
CVE-2025-55287 Genealogy has a stored XSS vulnerability
Genealogy is a family tree PHP application. Prior to 4.4.0, Authenticated Stored Cross-Site Scripting XSS vulnerability was identified in the Genealogy application. Authenticated attackers could run arbitrary JavaScript in another user’s session, leading to session hijacking, data theft, and UI...
CVE-2025-55287 Genealogy has a stored XSS vulnerability
Genealogy is a family tree PHP application. Prior to 4.4.0, Authenticated Stored Cross-Site Scripting XSS vulnerability was identified in the Genealogy application. Authenticated attackers could run arbitrary JavaScript in another user’s session, leading to session hijacking, data theft, and UI...
PT-2025-33675 · Genealogy · Genealogy
Name of the Vulnerable Software and Affected Versions: Genealogy versions prior to 4.4.0 Description: Genealogy is a family tree PHP application susceptible to an authenticated reflected cross-site scripting XSS issue. An attacker with valid credentials can execute arbitrary JavaScript code withi...
PT-2025-33674 · Genealogy · Genealogy
Name of the Vulnerable Software and Affected Versions: Genealogy versions prior to 4.4.0 Description: Genealogy is a family tree PHP application susceptible to an authenticated stored cross-site scripting XSS issue. Attackers with valid credentials can execute arbitrary JavaScript code within...
CVE-2025-52448
Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on Windows, Linux validate-initial-sql api modules allows Interface Manipulation data access to the production database cluster. This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before...
CVE-2025-52447
Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on Windows, Linux set-initial-sql tabdoc command modules allows Interface Manipulation data access to the production database cluster. This issue affects Tableau Server: before 2025.1.3, before 2024.2.12,...
CVE-2025-52447
Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on Windows, Linux set-initial-sql tabdoc command modules allows Interface Manipulation data access to the production database cluster. This issue affects Tableau Server: before 2025.1.3, before 2024.2.12,...
CVE-2025-52448
Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on Windows, Linux validate-initial-sql api modules allows Interface Manipulation data access to the production database cluster. This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before...
CVE-2025-52446
Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on Windows, Linux tab-doc api modules allows Interface Manipulation data access to the production database cluster.This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19...
CVE-2025-52448
Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on Windows, Linux validate-initial-sql api modules allows Interface Manipulation data access to the production database cluster. This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before...
CVE-2025-52448
Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on Windows, Linux validate-initial-sql api modules allows Interface Manipulation data access to the production database cluster. This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before...
CVE-2025-52448
CVE-2025-52448 : An authorization bypass in Salesforce Tableau Server on Windows and Linux stems from a vulnerability in the validate-initial-sql API modules that allows interface manipulation and data access to the production database cluster via a user-controlled key. Affected Tableau Server ve...
CVE-2025-52447
Summary of CVE-2025-52447: Affected product is Tableau Server (Salesforce) on Windows and Linux. The vulnerability arises from an authorization bypass through the user-controlled set-initial-sql tabdoc command modules, enabling interface manipulation and potential data access to the production da...
CVE-2025-52447
Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on Windows, Linux set-initial-sql tabdoc command modules allows Interface Manipulation data access to the production database cluster. This issue affects Tableau Server: before 2025.1.3, before 2024.2.12,...