7 matches found
EUVD-2022-51428
Malicious code in bioql PyPI...
CVE-2022-1502
Permissions were not properly verified in the API on projects using version control in Git. This allowed projects to be modified by users with only ProjectView permissions...
CVE-2024-52283
CVE-2024-52283 is described in public sources as a stored XSS vulnerability caused by missing input sanitization. The available connected documents indicate the vulnerability can be triggered when viewing a specific project, with a CVSS 3.1 base score of 5.7 (Medium) and an influence pattern of N...
CVE-2024-37367
A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE v12. The vulnerability allows a user from a remote system with FTView to send a packet to the customer’s server to view an HMI project. This action is allowed without proper authentication verification...
CVE-2022-39350 @dependencytrack/frontend vulnerable to Persistent Cross-Site-Scripting via Vulnerability Details
@dependencytrack/frontend is a Single Page Application (SPA) used in Dependency-Track, an open source Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain. Due to the common practice of providing vulnerability details in markdown format, the...
PT-2022-13917 · Octopus Deploy +1 · Octopus Server +1
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue concerns improper verification of permissions in the API for projects using Git version control. This flaw allows users with only ProjectView...
CVE-2021-22245
Improper validation of commit author in GitLab CE/EE affecting all versions allowed an attacker to make several pages in a project impossible to view...