5 matches found
EUVD-2021-9339
Malicious code in bioql PyPI...
CVE-2025-11195
Rapid7 AppSpider Pro versions below 7.5.021 are affected by a project name validation bypass. The issue arises from insufficient verification of project name uniqueness when editing the configuration file outside the application, allowing an attacker to set a project name to one that already exis...
Rapid7 AppSpider Pro data forgery issue vulnerability
Rapid7 AppSpider Pro is a dynamic application security testing solution from Rapid7, Inc. that allows you to scan Web and mobile applications for vulnerabilities. A data forgery issue vulnerability exists in Rapid7 AppSpider Pro versions prior to 7.5.021, which stems from insufficient project nam...
CVE-2021-45456
Apache Kylin checks the legitimacy of the project before executing some commands with the project name passed in by the user. There is a mismatch between what is being checked and what is being used as the shell command argument in DiagnosisService. This may cause an illegal project name to pass...
Apache Kylin command injection vulnerability
Apache Kylin is an open source distributed analytic data warehouse from the Apache Foundation. The product mainly provides SQL query interface and multidimensional analysis OLAP on top of Hadoop/Spark. Apache Kylin is vulnerable to operating system command injection, which stems from the fact tha...