EUVD-2022-45961

Malicious code in bioql PyPI...

PT-2024-34599 · Lunary Ai · Lunary

Name of the Vulnerable Software and Affected Versions: lunary-ai/lunary version 1.2.4 Description: An account takeover issue exists due to the exposure of password recovery tokens in API responses. When a user initiates the password reset process, the recovery token is included in the response of...

ManageEngine SupportCenter Plus < 11.0 Build 11025

The version of ManageEngine SupportCenter Plus installed on the remote host is prior to 11.0 Build 11025. It is, therefore, affected by a vulnerability as referenced in the support-centercve-2022-42903 advisory. - Zoho ManageEngine SupportCenter Plus through 11024 allows low-privileged users to...

Code injection

Zoho ManageEngine SupportCenter Plus through 11024 allows low-privileged users to view the organization users list...

CVE-2022-42903

Summary: CVE-2022-42903 affects Zoho ManageEngine SupportCenter Plus up to version 11.0 Build 11024. The issue allows low-privileged users to view the organization users list, indicating an access-control exposure. Affected product/versions (per provided documents): Zoho ManageEngine SupportCente...

CVE-2022-42903

Zoho ManageEngine SupportCenter Plus through 11024 allows low-privileged users to view the organization users list...

CVE-2022-42903

Zoho ManageEngine SupportCenter Plus through 11024 allows low-privileged users to view the organization users list...