EUVD-2024-50325
Malicious code in bioql PyPI...
EUVD-2025-12186
Malicious code in bioql PyPI...
EUVD-2025-12185
Malicious code in bioql PyPI...
CVE-2025-1521
PostHog slack_incoming_webhook Server-Side Request Forgery Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PostHog. Authentication is required to exploit this vulnerability. The specific flaw exists with...
CVE-2025-1522
PostHog database_schema Server-Side Request Forgery Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PostHog. Authentication is required to exploit this vulnerability. The specific flaw exists within the...
CVE-2025-1522 PostHog database_schema Server-Side Request Forgery Information Disclosure Vulnerability
PostHog database_schema Server-Side Request Forgery Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PostHog. Authentication is required to exploit this vulnerability. The specific flaw exists within the...
CVE-2025-1522
CVE-2025-1522 describes a server-side request forgery and information disclosure in PostHog related to the implementation of the database_schema method. The flaw stems from insufficient validation of a URI before accessing resources, enabling an attacker to disclose data within the service accoun...
CVE-2025-1521 PostHog slack_incoming_webhook Server-Side Request Forgery Information Disclosure Vulnerability
PostHog slack_incoming_webhook Server-Side Request Forgery Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PostHog. Authentication is required to exploit this vulnerability. The specific flaw exists with...
PT-2025-7891 · Posthog · Posthog
Name of the Vulnerable Software and Affected Versions: PostHog (affected versions not specified). Description: The issue is related to a Server-Side Request Forgery (SSRF) and Information Disclosure vulnerability in the database schema of PostHog. Recommendations: At the moment, there is no informatio...
PostHog ClickHouse Table Functions SQL Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of PostHog. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of the SQL parser. The issue results from the lack of proper validation...
PT-2025-7890 · Posthog · Posthog
Name of the Vulnerable Software and Affected Versions: PostHog (affected versions not specified). Description: The issue concerns a Server-Side Request Forgery (SSRF) and Information Disclosure vulnerability. Recommendations: At the moment, there is no information about a newer version that...
PostHog slack_incoming_webhook Server-Side Request Forgery Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of PostHog. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of the slack_incoming_webhook parameter. The issue results from the lack of...
PT-2025-7940 · Posthog · Posthog
Name of the Vulnerable Software and Affected Versions: PostHog (affected versions not specified). Description: The issue concerns a SQL injection vulnerability in PostHog's ClickHouse table functions, potentially leading to remote code execution. Recommendations: At the moment, there is no informati...
PostHog database_schema Server-Side Request Forgery Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of PostHog. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of the database_schema method. The issue results from the lack of proper...
CVE-2022-0645
Open redirect vulnerability via endpoint authorizeandredirect/?redirect= in GitHub repository posthog/posthog prior to 1.34.1...