18 matches found
EUVD-2025-10024
Malicious code in bioql PyPI...
CVE-2025-3323
A vulnerability classified as critical was found in godcheese/code-projects Nimrod 0.8. Affected by this vulnerability is the function searchAllByName of the file ViewMenuCategoryRestController.java. The manipulation of the argument Name leads to sql injection. The attack can be launched remotely...
CVE-2025-3324
A vulnerability, which was classified as critical, has been found in godcheese/code-projects Nimrod 0.8. Affected by this issue is some unknown functionality of the file FileRestController.java. The manipulation of the argument File leads to unrestricted upload. The attack may be launched remotel...
CVE-2025-3324
A vulnerability, which was classified as critical, has been found in godcheese/code-projects Nimrod 0.8. Affected by this issue is some unknown functionality of the file FileRestController.java. The manipulation of the argument File leads to unrestricted upload. The attack may be launched remotel...
CVE-2025-3324 godcheese/code-projects Nimrod FileRestController.java unrestricted upload
A vulnerability, which was classified as critical, has been found in godcheese/code-projects Nimrod 0.8. Affected by this issue is some unknown functionality of the file FileRestController.java. The manipulation of the argument File leads to unrestricted upload. The attack may be launched remotel...
CVE-2025-3323
A vulnerability classified as critical was found in godcheese/code-projects Nimrod 0.8. Affected by this vulnerability is the function searchAllByName of the file ViewMenuCategoryRestController.java. The manipulation of the argument Name leads to sql injection. The attack can be launched remotely...
CVE-2025-3323
A vulnerability classified as critical was found in godcheese/code-projects Nimrod 0.8. Affected by this vulnerability is the function searchAllByName of the file ViewMenuCategoryRestController.java. The manipulation of the argument Name leads to sql injection. The attack can be launched remotely...
CVE-2025-3323
The CVE-2025-3323 entry affects godcheese/code-projects Nimrod 0.8, specifically the searchAllByName function in ViewMenuCategoryRestController.java. The vulnerability arises from improper handling of the Name argument, leading to SQL injection. The issue can be exploited remotely and the exploit...
CVE-2025-3323 godcheese/code-projects Nimrod ViewMenuCategoryRestController.java searchAllByName sql injection
A vulnerability classified as critical was found in godcheese/code-projects Nimrod 0.8. Affected by this vulnerability is the function searchAllByName of the file ViewMenuCategoryRestController.java. The manipulation of the argument Name leads to sql injection. The attack can be launched remotely...
CVE-2025-3323 godcheese/code-projects Nimrod ViewMenuCategoryRestController.java searchAllByName sql injection
A vulnerability classified as critical was found in godcheese/code-projects Nimrod 0.8. Affected by this vulnerability is the function searchAllByName of the file ViewMenuCategoryRestController.java. The manipulation of the argument Name leads to sql injection. The attack can be launched remotely...
nimrod SQL注入漏洞
nimrod is a Spring Boot-based enterprise-grade monolithic application rapid development framework for the Java Web platform by the individual developer godcheese. A SQL injection vulnerability exists in nimrod version 0.8, which stems from the fact that incorrect manipulation of the parameter Nam...
nimrod 代码问题漏洞
nimrod is a Spring Boot-based enterprise-grade monolithic application rapid development framework for the Java Web platform by the individual developer godcheese. A code issue vulnerability exists in nimrod version 0.8, which stems from an incorrect operation of the parameter File that can lead t...
PT-2025-15125 · Nimrod · Nimrod
Name of the Vulnerable Software and Affected Versions: Nimrod version 0.8 Description: A critical issue has been found in the software, affecting some unknown functionality of the file FileRestController.java. The manipulation of the File argument leads to unrestricted upload. The attack can be...
PT-2025-15124 · Nimrod · Nimrod
Name of the Vulnerable Software and Affected Versions: godcheese/code-projects Nimrod version 0.8 Description: A critical vulnerability exists in godcheese/code-projects Nimrod 0.8. The vulnerability affects the searchAllByName function within the ViewMenuCategoryRestController.java file...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : snapd vulnerability (USN-4728-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4728-1 advisory. Gilad Reti and Nimrod Stoler discovered that snapd did not correctly specify cgroup delegation when generating systemd service units for...
Vulnerability in OpenSSL - 0-byte record padding oracle
If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received...
Cross-protocol attack on TLS using SSLv2 (DROWN) (CVE-2016-0800)
现在流行的服务器和客户端使用TLS加密, 然而由于错误配置, 许多服务器仍然支持SSLv2, 这是一种古老的协议, 许多客户端已经不支持 SSLv2。 DROWN攻击可以威胁到还在支持 SSLv2 的服务端和客户端,允许攻击者通过发送 probe 到支持 SSLv2 的使用相同密钥的服务端和客户端解密 TLS 通信。 官方关于漏洞的公告: A cross-protocol attack was discovered that could lead to decryption of TLS sessions by using a server supporting SSLv2 and...
Vulnerability in OpenSSL - SSLv2 doesn't block disabled ciphers
A malicious client can negotiate SSLv2 ciphers that have been disabled on the server and complete SSLv2 handshakes even if all SSLv2 ciphers have been disabled, provided that the SSLv2 protocol was not also disabled via SSLOPNOSSLv2. Found by Nimrod Aviram and Sebastian Schinzel...