PraisonAI 信息泄露漏洞

PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 4.5.128 contained an information leakage vulnerability. This vulnerability stemmed from the AgentOS deployment platform not implementing authentication, and the default CORS...

EUVD-2022-42333

Malicious code in bioql PyPI...

CVE-2022-39888

Improper access control vulnerability in retrieveExternalProxy in MiscPolicy prior to SMR Nov-2022 Release 1 allows local attacker to access to Proxy information...

CVE-2022-39888

Improper access control vulnerability in retrieveExternalProxy in MiscPolicy prior to SMR Nov-2022 Release 1 allows local attacker to access to Proxy information...

CVE-2022-39888

Improper access control vulnerability in retrieveExternalProxy in MiscPolicy prior to SMR Nov-2022 Release 1 allows local attacker to access to Proxy information...

CVE-2022-39888

Improper access control vulnerability in retrieveExternalProxy in MiscPolicy prior to SMR Nov-2022 Release 1 allows local attacker to access to Proxy information...

CVE-2022-39888

Summary: CVE-2022-39888 is an improper access control vulnerability in Samsung Mobile’s MiscPolicy, specifically the function retrieveExternalProxy. The issue exists in versions prior to SMR Nov-2022 Release 1 and could allow a local attacker to access Proxy information. The CVSS score is 4.3 (Lo...

SUSE CVE-2023-34981

A regression in the fix for bug 66512 in Apache Tomcat 11.0.0-M5, 10.1.8, 9.0.74 and 8.5.88 meant that, if a response did not include any HTTP headers no AJP SENDHEADERS messare woudl be sent for the response which in turn meant that at least one AJP proxy modproxyajp would use the response heade...

Drupal 7.58 8.3.9 8.4.6 8.5.1 - Drupalgeddon2 Remote Code Execution

Drupal 7.58 8.3.9 8.4.6 8.5.1 - Drupalgeddon2 Remote Code Execution !/usr/bin/env ruby CVE-2018-7600 Drupal &1' ; " bashcmd = "echo " + Base64.strictencode64bashcmd + " | base64 -d" - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Function httprequest type data def...

eXeem 0.21 Local Password Disclosure Exploit (asm)

No description provided by source. ;Nothing Special other than the program doesnt encode the proxy info. .386 .model flat, stdcall option casemap :none include \masm32\include\windows.inc include \masm32\include\user32.inc include \masm32\include\kernel32.inc include \masm32\include\shell32.inc...

eXeem 0.21 - Local Password Disclosure (ASM)

eXeem 0.21 - Local Password Disclosure ASM ;Nothing Special other than the program doesnt encode the proxy info. .386 .model flat, stdcall option casemap :none include \masm32\include\windows.inc include \masm32\include\user32.inc include \masm32\include\kernel32.inc include...

eXeem 0.21 - Local Password Disclosure (ASM)

;Nothing Special other than the program doesnt encode the proxy info. .386 .model flat, stdcall option casemap :none include \masm32\include\windows.inc include \masm32\include\user32.inc include \masm32\include\kernel32.inc include \masm32\include\shell32.inc include \masm32\include\advapi32.inc...