252 matches found
Malicious code in babel-pal (npm)
The package babel-pal was found to contain malicious code...
MAL-2025-15289 Malicious code in babel-pal (npm)
The package babel-pal was found to contain malicious code...
CVE-2025-54834
OPEXUS FOIAXpress Public Access Link PAL version v11.1.0 allows an unauthenticated, remote attacker to query the /App/CreateRequest.aspx endpoint to check for the existence of valid usernames. There are no rate-limiting mechanisms in place...
OPEXUS FOIAXpress Public Access Link(OPEXUS FOIAXpress PAL) 安全漏洞
OPEXUS FOIAXpress Public Access Link OPEXUS FOIAXpress PAL is a secure public-facing web portal from OPEXUS that connects organizations with requesters and integrates with payment solutions, including payment solutions. A security vulnerability exists in OPEXUS FOIAXpress Public Access Link OPEXU...
CVE-2025-49453
Cross-Site Request Forgery CSRF vulnerability in Jatinder Pal Singh BP Profile as Homepage bp-profile-as-homepage allows Stored XSS.This issue affects BP Profile as Homepage: from n/a through = 1.1...
CVE-2025-49453
Cross-Site Request Forgery CSRF vulnerability in Jatinder Pal Singh BP Profile as Homepage bp-profile-as-homepage allows Stored XSS.This issue affects BP Profile as Homepage: from n/a through = 1.1...
CVE-2025-49453 WordPress BP Profile as Homepage plugin <= 1.1 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in Jatinder Pal Singh BP Profile as Homepage bp-profile-as-homepage allows Stored XSS.This issue affects BP Profile as Homepage: from n/a through = 1.1...
SUSE CVE-2025-5645
A vulnerability, which was classified as problematic, was found in Radare2 5.9.9. This affects the function rconspalinit in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. Attacking locally is a requirement. The complexity of ...
UBUNTU-CVE-2025-5646
A vulnerability has been found in Radare2 5.9.9 and classified as problematic. This vulnerability affects the function rconsrainbowfree in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. It is possible to launch the attack on...
CVE-2024-48047
Cross-Site Request Forgery CSRF vulnerability in Razon Komar Pal Linked Variation for WooCommerce linked-variation-for-woocommerce allows Cross Site Request Forgery.This issue affects Linked Variation for WooCommerce: from n/a through = 1.0.5...
CVE-2018-11922
Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user...
PT-2025-8940 · Trivision · Trivision Camera Nc227Wf
Name of the Vulnerable Software and Affected Versions: Trivision Camera NC227WF version 5.8.0 Description: An Authentication Bypass issue allows an attacker to retrieve administrator's credentials in cleartext. This is achieved by sending a request to the "/en/player/activex pal.asp" API endpoint...
CVE-2024-33039
Memory corruption when PAL client calls PAL service APIs by passing a random value as handle and the handle is not validated by the service...
CVE-2024-33039
CVE-2024-33039 concerns memory corruption in Qualcomm PAL components when a PAL client passes a random, unvalidated handle to PAL service APIs. The available sources consistently describe this as an unvalidated handle dereference that can lead to memory corruption, with the issue documented acros...
CVE-2024-33039 Untrusted Pointer Dereference in Audio
Memory corruption when PAL client calls PAL service APIs by passing a random value as handle and the handle is not validated by the service...
PT-2024-25084 · Pal · Pal
Name of the Vulnerable Software and Affected Versions: PAL affected versions not specified Description: The issue occurs when the PAL client calls PAL service APIs by passing a random value as a handle, and the handle is not validated by the service, resulting in memory corruption. Recommendation...
CVE-2018-11922
Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user...
CVE-2018-11922 Configurations in Android Build
Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user...
CVE-2018-11922 Configurations in Android Build
Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user...
PT-2024-10612 · Touchpal · Touch Pal
Name of the Vulnerable Software and Affected Versions: Touch Pal application affected versions not specified Description: The issue concerns a wrong configuration in the Touch Pal application that can lead to the collection of user behavior data without the user's awareness. Recommendations: At t...