259 matches found
EUVD-2019-2968
Malware in sbrugna...
EUVD-2017-7063
Malware in sbrugna...
EUVD-2014-4524
Malware in sbrugna...
EUVD-2021-26232
Malware in sbrugna...
EUVD-2022-26895
Malicious code in bioql PyPI...
EUVD-2023-36918
Malicious code in bioql PyPI...
EUVD-2022-41841
Malicious code in bioql PyPI...
EUVD-2022-40083
Malicious code in bioql PyPI...
EUVD-2024-19272
Malicious code in bioql PyPI...
EUVD-2025-31649
Malicious code in bioql PyPI...
EUVD-2022-1730
Malicious code in bioql PyPI...
GHSA-PF86-4W35-CJ89 Liferay Portal vulnerable to cross-site scripting in the Calendar widget
Multiple cross-site scripting XSS vulnerabilities in the Calendar widget when inviting users to a event in Liferay Portal 7.4.3.35 through 7.4.3.110, and Liferay DXP 2023.Q4.0 through 2023.Q4.4, 2023.Q3.1 through 2023.Q3.6, 7.4 update 35 through update 92, and 7.3 update 25 through update 35 allo...
PT-2025-40049
Multiple cross-site scripting XSS vulnerabilities in the Calendar widget when inviting users to a event in Liferay Portal 7.4.3.35 through 7.4.3.110, and Liferay DXP 2023.Q4.0 through 2023.Q4.4, 2023.Q3.1 through 2023.Q3.6, 7.4 update 35 through update 92, and 7.3 update 25 through update 35 allo...
Omise: 2FA requirement bypass when inviting team members
The application's requirement for users to enable 2FA before sending team invitations was bypassed by modifying client-side responses. This allowed invitations to be sent without enabling 2FA, defeating the security requirement...
CVE-2025-59421
CVE-2025-59421 affects Press, a Frappe custom app running on Frappe Cloud. The issue is a lack of validation and rate limiting that allows a malicious actor to flood a user’s inbox by repeatedly sending duplicate invitations. The vulnerability is mitigated by the fix committed as 83c3fc7676c5dbbe...
PT-2025-38410
Name of the Vulnerable Software and Affected Versions Press versions prior to commit 83c3fc7676c5dbbe1fd5092d21d95a10c7b48615 Description Press, a Frappe custom app used for managing infrastructure, subscriptions, marketplace operations, and software-as-a-service SaaS, is susceptible to a flaw th...
Press 安全漏洞
Press is a Frappe open source Frappe custom application running Frappe Cloud. A security vulnerability exists in Press, which originates from an attacker being able to send repeated invitations resulting in the user's inbox being flooded...
Linux Distros Unpatched Vulnerability : CVE-2020-13305
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was not invalidating project invitation link upon removing a user fr...
GitLab Enterprise Edition 安全漏洞
GitLab Enterprise Edition EE is a content management system from the U.S.-based GitLab, Inc. A security vulnerability exists in GitLab Enterprise Edition versions prior to 18.0 through 18.0.4 and 18.1 through 18.1.2, which stems from an authenticated user potentially bypassing group-level user...
Discourse 安全漏洞
Discourse is an open source community discussion platform from Discourse Open Source. The platform includes features such as communities, email, and chat rooms. A security vulnerability exists in Discourse versions prior to 3.4.4, prior to 3.5.0.beta5, and prior to 3.5.0.beta6-dev, which stems fr...