PT-2026-37120

Name of the Vulnerable Software and Affected Versions YARD versions prior to 0.9.42 Description A path traversal issue exists when using yard server to serve documentation. This flaw allows unsanitized HTTP requests to access arbitrary files on the host machine under certain conditions. Path...

Reliance on Untrusted Inputs in a Security Decision

Overview @cubejs-backend/api-gateway is a package that provides idempotent long polling API. Affected versions of this package are vulnerable to Reliance on Untrusted Inputs in a Security Decision due to the improper request sanitization. An attacker can gain unauthorized access to higher privile...

Prototype Pollution

Overview elysia is an Ergonomic Framework for Human Affected versions of this package are vulnerable to Prototype Pollution via the mergeDeep function after merging results of two standard schema validations with the same key. An attacker can achieve remote code execution by supplying crafted inp...

EUVD-2017-17519

Malware in sbrugna...

EUVD-2020-12198

Malware in sbrugna...

EUVD-2018-0665

Malware in sbrugna...

EUVD-2018-20223

Malware in sbrugna...

EUVD-2020-8817

Malware in sbrugna...

EUVD-2019-9932

Malware in sbrugna...

EUVD-2020-2401

Malware in sbrugna...

EUVD-2019-9618

Malware in sbrugna...

EUVD-2020-8836

Malware in sbrugna...

EUVD-2020-11942

Malware in sbrugna...

EUVD-2020-12388

Malware in sbrugna...

EUVD-2020-2362

Malware in sbrugna...

EUVD-2020-8914

Malware in sbrugna...

EUVD-2020-12448

Malware in sbrugna...

EUVD-2020-11992

Malware in sbrugna...

EUVD-2020-2391

Malware in sbrugna...

EUVD-2020-2394

Malware in sbrugna...