11 matches found
EUVD-2023-1775
Malicious code in bioql PyPI...
Schneider Electric PowerLogic HDPM6000 Security Vulnerability
The Schneider Electric PowerLogic HDPM6000 is a high-density metering system from Schneider Electric France. A security vulnerability exists in the Schneider Electric PowerLogic HDPM6000 that stems from the inclusion of an authorization bypass via user control key vulnerability that could allow a...
SQL Injection
Umbraco is vulnerable to SQL injection. The vulnerability is due to insufficient input validation in API endpoint handling, which allows attackers to inject SQL code through modified requests...
GHSA-CH48-9R3Q-PV7X Vaadin vulnerable to possible information disclosure of class and method names in RPC response
Description Possible information disclosure in Vaadin 10.0.0 to 10.0.23, 11.0.0 to 14.10.1, 15.0.0 to 22.0.28, 23.0.0 to 23.3.13, 24.0.0 to 24.0.6, 24.1.0.alpha1 to 24.1.0.rc2, resulting in potential information disclosure of class and method names in RPC responses by sending modified requests...
Information disclosure
Possible information disclosure in Vaadin 10.0.0 to 10.0.23, 11.0.0 to 14.10.1, 15.0.0 to 22.0.28, 23.0.0 to 23.3.13, 24.0.0 to 24.0.6, 24.1.0.alpha1 to 24.1.0.rc2, resulting in potential information disclosure of class and method names in RPC responses by sending modified requests...
CVE-2023-25500
Possible information disclosure in Vaadin 10.0.0 to 10.0.23, 11.0.0 to 14.10.1, 15.0.0 to 22.0.28, 23.0.0 to 23.3.13, 24.0.0 to 24.0.6, 24.1.0.alpha1 to 24.1.0.rc2, resulting in potential information disclosure of class and method names in RPC responses by sending modified requests...
CVE-2023-25500
Possible information disclosure in Vaadin 10.0.0 to 10.0.23, 11.0.0 to 14.10.1, 15.0.0 to 22.0.28, 23.0.0 to 23.3.13, 24.0.0 to 24.0.6, 24.1.0.alpha1 to 24.1.0.rc2, resulting in potential information disclosure of class and method names in RPC responses by sending modified requests...
K11818407: REST Framework vulnerability CVE-2019-6602
Security Advisory Description The Configuration utility login page may not follow best security practices when handling a malicious request. CVE-2019-6602 Impact BIG-IP The Configuration utility login page returns an inconsistent HTTP response when processing modified requests; this may provide...
Unspecified Vulnerability in Multiple F5 Products (CNVD-2019-37181)
F5 BIG-IP, etc. are all products of F5 Corporation in the U.S. F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, load balancing, etc. F5 Enterprise Manager is an application delivery platform that provides a view of the enti...
CVE-2016-0713
Gorouter in Cloud Foundry cf-release v141 through v228 allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks via vectors related to modified requests...
X-Cart Privilege Access Vulnerability
X-Cart is an open source PHP e-commerce software. The software provides favorites, order records and inventory management modules. A security vulnerability exists in X-Cart 5.1.10 and earlier versions. A remote attacker can exploit this vulnerability by sending a modified update or delete reque...