draw.io < 18.0.5 - Server Side Request Forgery (SSRF)

Server-Side Request Forgery SSRF vulnerability in draw.io also known as diagrams.net prior to version 18.0.5 allows attackers to bypass URL validation restrictions in the ProxyServlet component. The vulnerability exists because the application does not properly validate URLs passed to its proxy...

Drawio <18.1.2 - Server-Side Request Forgery

Drawio before 18.1.2 is susceptible to server-side request forgery via the /service endpoint in jgraph/drawio. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id: CVE-2022-1815 info: nam...

EUVD-2023-44065

Malicious code in bioql PyPI...

EUVD-2022-25064

Malicious code in bioql PyPI...

EUVD-2022-42565

Malicious code in bioql PyPI...

EUVD-2022-42496

Malicious code in bioql PyPI...

EUVD-2022-42636

Malicious code in bioql PyPI...

EUVD-2022-25005

Malicious code in bioql PyPI...

EUVD-2022-25004

Malicious code in bioql PyPI...

EUVD-2022-25008

Malicious code in bioql PyPI...

EUVD-2022-43210

Malicious code in bioql PyPI...

EUVD-2023-44600

Malicious code in bioql PyPI...

EUVD-2022-42572

Malicious code in bioql PyPI...

EUVD-2022-34320

Malicious code in bioql PyPI...

EUVD-2023-43718

Malicious code in bioql PyPI...

EUVD-2023-44598

Malicious code in bioql PyPI...

EUVD-2022-25003

Malicious code in bioql PyPI...

EUVD-2022-34321

Malicious code in bioql PyPI...

EUVD-2023-44599

Malicious code in bioql PyPI...

EUVD-2022-42560

Malicious code in bioql PyPI...