PT-2026-3061

Sites running NOAA PMEL Live Access Server LAS are vulnerable to remote code execution via specially crafted requests that include PyFerret expressions. By leveraging a SPAWN command, unauthenticated attackers can execute arbitrary OS commands...

CVE-2024-34712

Oceanic is a NodeJS library for interfacing with Discord. Prior to version 1.10.4, input to functions such as Client.rest.channels.removeBan is not url-encoded, resulting in specially crafted input such as ../../../channels/id being normalized into the url /api/v10/channels/id, and deleting a...

EUVD-2024-37076

Malicious code in bioql PyPI...

EUVD-2024-49292

Malicious code in bioql PyPI...

EUVD-2024-49321

Malicious code in bioql PyPI...

EUVD-2024-49320

Malicious code in bioql PyPI...

EUVD-2024-49294

Malicious code in bioql PyPI...

EUVD-2024-49293

Malicious code in bioql PyPI...

CVE-2024-38765

Cross-Site Request Forgery CSRF vulnerability in outtheboxthemes Oceanic oceanic allows Cross Site Request Forgery.This issue affects Oceanic: from n/a through = 1.0.48...

CVE-2024-8607

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Oceanic Software ValeApp allows SQL Injection. This issue affects ValeApp: before v2.0.0...

CVE-2024-8644

Cleartext Storage of Sensitive Information in a Cookie vulnerability in Oceanic Software ValeApp allows Protocol Manipulation, : JSON Hijacking aka JavaScript Hijacking. This issue affects ValeApp: before v2.0.0...

CVE-2024-8608

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Oceanic Software ValeApp allows Stored XSS. This issue affects ValeApp: before v2.0.0...

CVE-2024-8609

Insertion of Sensitive Information into Log File vulnerability in Oceanic Software ValeApp allows Query System for Information. This issue affects ValeApp: before v2.0.0...

CVE-2024-38765

Cross-Site Request Forgery CSRF vulnerability in outtheboxthemes Oceanic oceanic allows Cross Site Request Forgery.This issue affects Oceanic: from n/a through = 1.0.48...

CVE-2024-38765 WordPress Oceanic theme <= 1.0.48 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in outtheboxthemes Oceanic oceanic allows Cross Site Request Forgery.This issue affects Oceanic: from n/a through = 1.0.48...

CVE-2024-38765

CVE-2024-38765 corresponds to a CSRF vulnerability in the WordPress Oceanic theme (Freelancelot Oceanic). The CVE description states affected versions are Oceanic: from n/a through 1.0.48. The connected documents confirm the issue is CSRF, but do not provide a confirmed exploit status, affected p...

CVE-2024-38765 WordPress Oceanic theme <= 1.0.48 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in outtheboxthemes Oceanic oceanic allows Cross Site Request Forgery.This issue affects Oceanic: from n/a through = 1.0.48...

WordPress plugin Oceanic 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

CVE-2024-8643

Session Fixation vulnerability in Oceanic Software ValeApp allows Brute Force, Session Hijacking. This issue affects ValeApp: before v2.0.0...

CVE-2024-8608

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Oceanic Software ValeApp allows Stored XSS.This issue affects ValeApp: before v2.0.0...