EUVD-2019-5478

Malware in sbrugna...

EUVD-2019-5480

Malware in sbrugna...

EUVD-2025-27726

Malicious code in bioql PyPI...

CVE-2025-2506

When pglogical attempts to replicate data, it does not verify it is using a replication connection, which means a user with CONNECT access to a database configured for replication can execute the pglogical command to obtain read access to replicated tables. When pglogical runs it should verify it...

CVE-2025-2506

When pglogical attempts to replicate data, it does not verify it is using a replication connection, which means a user with CONNECT access to a database configured for replication can execute the pglogical command to obtain read access to replicated tables. When pglogical runs it should verify it...

CVE-2025-2506

When pglogical attempts to replicate data, it does not verify it is using a replication connection, which means a user with CONNECT access to a database configured for replication can execute the pglogical command to obtain read access to replicated tables. When pglogical runs it should verify it...

CVE-2025-2506

CVE-2025-2506 affects pglogical 3.x (proprietary to EDB) with integration into BDR/PGD 4/5. The issue arises when pglogical attempts replication without verifying it is on a replication connection, enabling a user with CONNECT on a replication-configured database to run pglogical commands and rea...

CVE-2025-2506

When pglogical attempts to replicate data, it does not verify it is using a replication connection, which means a user with CONNECT access to a database configured for replication can execute the pglogical command to obtain read access to replicated tables. When pglogical runs it should verify it...

CVE-2019-14238

On STMicroelectronics STM32F7 devices, Proprietary Code Read Out Protection PCROP a software IP protection method can be defeated with a debug probe via the Instruction Tightly Coupled Memory ITCM bus...

CVE-2019-14236

On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices, Proprietary Code Read Out Protection PCROP a software IP protection method can be defeated by observing CPU registers and the effect of code/instruction execution...

CVE-2024-47166

Gradio CVE-2024-47166 is a one-level read path traversal in the /custom_component endpoint. An attacker can leak source code from custom Gradio components by manipulating the file path, potentially exposing proprietary or private code on publicly accessible servers. Affected: Gradio (Python packa...

CVE-2024-47166 One-level read path traversal in `/custom_component` in Gradio

Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a one-level read path traversal in the /customcomponent endpoint. Attackers can exploit this flaw to access and leak source code from custom Gradio components by manipulating the file path in the...

GHSA-37QC-QGX6-9XJV Gradio has a one-level read path traversal in `/custom_component`

Impact What kind of vulnerability is it? Who is impacted? This vulnerability involves a one-level read path traversal in the /customcomponent endpoint. Attackers can exploit this flaw to access and leak source code from custom Gradio components by manipulating the file path in the request. Althou...

[SECURITY] Fedora 34 Update: nbdkit-1.26.5-1.fc34

NBD is a protocol for accessing block devices hard disks and disk-like things over the network. nbdkit is a toolkit for creating NBD servers. The key features are: Multithreaded NBD server written in C with good performance. Minimal dependencies for the basic server. Liberal license BSD allows...

Code injection

On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices, Proprietary Code Read Out Protection PCROP a software IP protection method can be defeated by observing CPU registers and the effect of code/instruction execution...

[Full-disclosure] Arbitrary file disclosure vulnerability in IP3 NetAccess < 4.1.9.6

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I - TITLE Security advisory: Arbitrary file disclosure vulnerability in IP3 NetAccess leads to full system compromise II - SUMMARY Description: Arbitrary file disclosure vulnerability in IP3 NetAccess leads to full system compromise Author: Sebastian...

IP3 NetAccess 4.1.9.6 - Arbitrary File Disclosure

IP3 NetAccess 4.1.9.6 - Arbitrary File Disclosure I - TITLE Security advisory: Arbitrary file disclosure vulnerability in IP3 NetAccess leads to full system compromise II - SUMMARY Description: Arbitrary file disclosure vulnerability in IP3 NetAccess leads to full system compromise Author:...

kayakoXSS.txt

--BQPnanjtCNWHyqYD Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable http://www.google.com/search?q=3D%22Powered+By+kayako+eSupport%22+%22search= +the+entire+knowledgebase%22 1290 customers according to Google...

[Full-Disclosure] Kayako eSupport v2.3.1 Support Tracker XSS Vulnerability

http://www.google.com/search?q=22Powered+By+kayako+eSupport22+22search+the+entire+knowledgebase22 1290 customers according to Google. http://support.kayako.com/index.php?a=knowledgebase&j=questiondetails&i=2&nav=XSS&nav2=General20eSupport20Q&A Vendor notified by their access log files and this...