EUVD-2023-36107
Malicious code in bioql PyPI...
GHSA-MRQG-MWH7-Q94J Host header injection in the password reset
Summary: The password reset functionality sends the user requesting a password change an email containing a URL to reset their password. The URL sent contains a unique token, valid for 24 hours, allowing the user to reset their password. This token is highly sensitive; as an attacker able ...
CVE-2022-3173
Improper Authentication in GitHub repository snipe/snipe-it prior to 6.0.10...
ZOHO ManageEngine ServiceDesk Plus Information Disclosure Vulnerability (CNVD-2022-29863)
ZOHO ManageEngine ServiceDesk Plus SDP is a set of ITIL-based IT service management software from ZOHO, USA. The software integrates incident management, issue management, asset management, IT project management, procurement and contract management, and other functional modules. ZOHO ManageEngine...
ZOHO ManageEngine ServiceDesk Plus Licensing Issue Vulnerability
ZOHO ManageEngine ServiceDesk Plus SDP is a set of ITIL-based IT service management software from ZOHO. The software integrates incident management, issue management, asset management, IT project management, procurement and contract management, etc. An authorization issue vulnerability exists in...
Man Pleads Guilty To Stealing Source Code From Federal Reserve
A 33-year-old Chinese man pleaded guilty in U.S. Federal Court to stealing proprietary source code used by the U.S. Federal Reserve to help track billions of dollars in government transfers that occur daily, according to a report by Reuters. Bo a.k.a. “Bryan” Zhang was employed as a contract work...