144 matches found
CVE-2026-15622
A flaw has been found in poco-ai poco-claw up to 0.5.4. Affected is the function getworkspacefile of the file executormanager/app/api/v1/workspace.py of the component Workspace API. Executing a manipulation of the argument userid can lead to authorization bypass. The attack may be launched...
CVE-2026-15622 poco-ai poco-claw Workspace API workspace.py get_workspace_file authorization
A flaw has been found in poco-ai poco-claw up to 0.5.4. Affected is the function getworkspacefile of the file executormanager/app/api/v1/workspace.py of the component Workspace API. Executing a manipulation of the argument userid can lead to authorization bypass. The attack may be launched...
EUVD-2026-43599
A flaw has been found in poco-ai poco-claw up to 0.5.4. Affected is the function getworkspacefile of the file executormanager/app/api/v1/workspace.py of the component Workspace API. Executing a manipulation of the argument userid can lead to authorization bypass. The attack may be launched...
CVE-2026-15622
The CVE-2026-15622 entry concerns poco-ai poco-claw Workspace API. Affects the function get_workspace_file in executor_manager/app/api/v1/workspace.py; manipulating the user_id parameter can bypass authorization. Impact is an authorization bypass that can be triggered remotely, with a proof-of-co...
CVE-2025-23689
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Poco Blogger Image Import allows Stored XSS.This issue affects Blogger Image Import: from 2.1 through n/a...
EUVD-2019-0282
Malware in sbrugna...
EUVD-2017-1597
Malware in sbrugna...
EUVD-2014-0388
Malware in sbrugna...
EUVD-2024-33094
Malicious code in bioql PyPI...
EUVD-2025-23873
Malicious code in bioql PyPI...
EUVD-2025-3345
Malicious code in bioql PyPI...
EUVD-2025-18796
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-6375
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function MultipartInputStream of the file...
Linux Distros Unpatched Vulnerability : CVE-2025-45766
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - poco v1.14.1-release was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set by an...
Linux Distros Unpatched Vulnerability : CVE-2023-52389
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert and...
SUSE CVE-2025-45766
poco v1.14.1-release was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set by an application, not by this library. This dispute is subject to review under CNA rules 4.1.4, 4.1.14, and other rules; the dispute tagging is...
CVE-2025-45766
poco v1.14.1-release was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set by an application, not by this library. This dispute is subject to review under CNA rules 4.1.4, 4.1.14, and other rules; the dispute tagging is...
CVE-2025-45766
poco v1.14.1-release was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set by an application, not by this library. This dispute is subject to review under CNA rules 4.1.4, 4.1.14, and other rules; the dispute tagging is...
DEBIAN-CVE-2025-45766
poco v1.14.1-release was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set by an application, not by this library. This dispute is subject to review under CNA rules 4.1.4, 4.1.14, and other rules; the dispute tagging is...
UBUNTU-CVE-2025-45766
poco v1.14.1-release was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set by an application, not by this library. This dispute is subject to review under CNA rules 4.1.4, 4.1.14, and other rules; the dispute tagging is...