13 matches found
EUVD-2022-5673
Malicious code in bioql PyPI...
BIT-DRUPAL-2020-13665
Access bypass vulnerability in Drupal Core allows JSON:API when JSON:API is in read/write mode. Only sites that have the readonly set to FALSE under jsonapi.settings config are vulnerable. This issue affects: Drupal Drupal Core 8.8.x versions prior to 8.8.8; 8.9.x versions prior to 8.9.1; 9.0.x...
GHSA-QV37-MFJF-42H8 Plaintext storage of tokens in pulp_ansible
The collection remote for pulpansible stores tokens in plaintext instead of using pulp's encrypted field and exposes them in read/write mode via the API instead of marking it as write only...
CVE-2022-3644
The collection remote for pulpansible stores tokens in plaintext instead of using pulp's encrypted field and exposes them in read/write mode via the API instead of marking it as write only...
Design/Logic Flaw
The collection remote for pulpansible stores tokens in plaintext instead of using pulp's encrypted field and exposes them in read/write mode via the API instead of marking it as write only...
CVE-2008-2544
Mounting /proc filesystem via chroot command silently mounts it in read-write mode. The user could bypass the chroot environment and gain write access to files, he would never have otherwise...
Security feature bypass
Access bypass vulnerability in Drupal Core allows JSON:API when JSON:API is in read/write mode. Only sites that have the readonly set to FALSE under jsonapi.settings config are vulnerable. This issue affects: Drupal Drupal Core 8.8.x versions prior to 8.8.8; 8.9.x versions prior to 8.9.1; 9.0.x...
CVE-2020-13665
Access bypass vulnerability in Drupal Core allows JSON:API when JSON:API is in read/write mode. Only sites that have the readonly set to FALSE under jsonapi.settings config are vulnerable. This issue affects: Drupal Drupal Core 8.8.x versions prior to 8.8.8; 8.9.x versions prior to 8.9.1; 9.0.x...
CVE-2018-16867
A flaw was found in qemu Media Transfer Protocol MTP before version 3.1.0. A path traversal in the in usbmtpwritedata function in hw/usb/dev-mtp.c due to an improper filename sanitization. When the guest device is mounted in read-write mode, this allows to read/write arbitrary files which may lea...
CVE-2018-1000049
Nanopool Claymore Dual Miner version 7.3 and earlier contains a remote code execution vulnerability by abusing the miner API. The flaw can be exploited only if the software is executed with read/write mode enabled...
CVE-2018-1000049
Nanopool Claymore Dual Miner version 7.3 and earlier contains a remote code execution vulnerability by abusing the miner API. The flaw can be exploited only if the software is executed with read/write mode enabled...
Remote code execution
Nanopool Claymore Dual Miner version 7.3 and earlier contains a remote code execution vulnerability by abusing the miner API. The flaw can be exploited only if the software is executed with read/write mode enabled...
CVE-2018-1000049
Nanopool Claymore Dual Miner version 7.3 and earlier contains a remote code execution vulnerability by abusing the miner API. The flaw can be exploited only if the software is executed with read/write mode enabled...