7 matches found

Friends Of PHP
added 2026/04/14 9:42 a.m. | 8 views

Command injection via malicious Perforce repository definition

Impact: The Perforce::generateP4Command method constructed shell commands by interpolating user-supplied Perforce connection parameters (port, user, client) without proper escaping. An attacker controlling a repository configuration in a malicious composer.json declaring a Perforce VCS repository...

CVSS: 7.8 | AI score: 6.4 | EPSS: 0.00019
Exploits: 3 | Affected Software: 1
EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2024-17221

Malicious code in bioql PyPI...

CVSS: 5.9 | AI score: 5.7 | EPSS: 0.00156
Exploits: 0 | References: 1
NVD
added 2024/02/14 10:15 p.m. | 12 views

CVE-2024-1471

An HTML injection vulnerability exists where an authenticated, remote attacker with administrator privileges on the Security Center application could modify Repository parameters, which could lead to HTML redirection attacks...

CVSS: 5.9 | AI score: 6 | EPSS: 0.00156
Exploits: 0 | References: 1
OSV
added 2024/02/14 10:15 p.m. | 0 views

CVE-2024-1471

An HTML injection vulnerability exists where an authenticated, remote attacker with administrator privileges on the Security Center application could modify Repository parameters, which could lead to HTML redirection attacks...

CVSS: 4.8 | AI score: 5.8
Exploits: 0 | References: 1
Vulnrichment
added 2024/02/14 9:39 p.m. | 13 views

CVE-2024-1471 HTML Injection Vulnerability

An HTML injection vulnerability exists where an authenticated, remote attacker with administrator privileges on the Security Center application could modify Repository parameters, which could lead to HTML redirection attacks...

CVSS: 5.9 | AI score: 7 | EPSS: 0.00156
Exploits: 0 | References: 1
CNNVD
added 2024/02/14 12:0 a.m. | 3 views

SQLite Cross-Site Scripting Vulnerability

SQLite is a lightweight, ACID-compliant relational database management system. A security vulnerability exists in sqlite. A remote attacker can exploit the vulnerability to modify repository parameters...

CVSS: 5.9 | AI score: 6.8 | EPSS: 0.00156
Exploits: 0 | References: 2
BDU FSTEC
added 2023/03/06 12:0 a.m. | 1 views

The vulnerability of the libzypp-plugin-appdata plugin for SUSE Linux Enterprise operating systems, which allows a hacker to execute arbitrary code.

The vulnerability of the libzypp-plugin-appdata plugin in SUSE Linux Enterprise operating systems exists due to the lack of measures taken to neutralize special elements used in the operating system command. Exploiting this vulnerability allows an attacker to execute arbitrary code using speciall...

CVSS: 7.8 | AI score: 7.6 | EPSS: 0.00172
Exploits: 1 | References: 3 | Affected Software: 3