24 matches found
CVE-2025-65519
mayswind ezbookkeeping versions 1.2.0 and earlier contain a critical vulnerability in JSON and XML file import processing. The application fails to validate nesting depth during parsing operations, allowing authenticated attackers to trigger denial of service conditions by uploading deeply nested...
EUVD-2024-53640
Malicious code in bioql PyPI...
EUVD-2024-53641
Malicious code in bioql PyPI...
SUSE CVE-2024-57604
An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component...
GO-2025-3466 Missing rate limit in MaysWind ezBookkeeping in github.com/mayswind/ezbookkeeping
Missing rate limit in MaysWind ezBookkeeping in github.com/mayswind/ezbookkeeping...
GO-2025-3474 MaysWind ezBookkeeping has Improper Privilege Management in github.com/mayswind/ezbookkeeping
MaysWind ezBookkeeping has Improper Privilege Management in github.com/mayswind/ezbookkeeping...
CVE-2024-57603
An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the lack of rate limiting...
CVE-2024-57604
An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component...
GHSA-772M-773G-QMHC Missing rate limit in MaysWind ezBookkeeping
An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the lack of rate limiting...
Missing rate limit in MaysWind ezBookkeeping
An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the lack of rate limiting...
MaysWind ezBookkeeping has Improper Privilege Management
An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component...
GHSA-MPG8-8X9C-P9GV MaysWind ezBookkeeping has Improper Privilege Management
An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component...
CVE-2024-57604
An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component...
CVE-2024-57603
An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the lack of rate limiting...
CVE-2024-57603
CVE-2024-57603 affects MaysWind ezBookkeeping 0.7.0 and describes privilege escalation via lack of rate limiting. The CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L) yields a base score of 6.3 (MEDIUM) with network attack vector, low confidentiality/integrity/availability impact, and low pr...
CVE-2024-57604
CVE-2024-57604 affects MaysWind ezBookkeeping 0.7.0. A remote attacker can escalate privileges via the token component. CVSS v3.1 shows: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H with base score 9.8 (CRITICAL). Connected sources also corroborate the same product and issue. The available documents do no...
CVE-2024-57604
An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component...
CVE-2024-57603
An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the lack of rate limiting...
CVE-2024-57604
An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component...
CVE-2024-57603
An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the lack of rate limiting...