PT-2026-37120

Name of the Vulnerable Software and Affected Versions YARD versions prior to 0.9.42 Description A path traversal issue exists when using yard server to serve documentation. This flaw allows unsanitized HTTP requests to access arbitrary files on the host machine under certain conditions. Path...

Reliance on Untrusted Inputs in a Security Decision

Overview @cubejs-backend/api-gateway is a package that provides idempotent long polling API. Affected versions of this package are vulnerable to Reliance on Untrusted Inputs in a Security Decision due to the improper request sanitization. An attacker can gain unauthorized access to higher privile...

Prototype Pollution

Overview elysia is an Ergonomic Framework for Human Affected versions of this package are vulnerable to Prototype Pollution via the mergeDeep function after merging results of two standard schema validations with the same key. An attacker can achieve remote code execution by supplying crafted inp...

EUVD-2020-12198

Malware in sbrugna...

EUVD-2020-2391

Malware in sbrugna...

EUVD-2018-19918

Malware in sbrugna...

EUVD-2019-9771

Malware in sbrugna...

EUVD-2019-9618

Malware in sbrugna...

EUVD-2020-2361

Malware in sbrugna...

EUVD-2020-2393

Malware in sbrugna...

EUVD-2020-12356

Malware in sbrugna...

EUVD-2020-12388

Malware in sbrugna...

EUVD-2017-17519

Malware in sbrugna...

EUVD-2020-11995

Malware in sbrugna...

EUVD-2019-1582

Malware in sbrugna...

EUVD-2018-20223

Malware in sbrugna...

EUVD-2019-1554

Malware in sbrugna...

EUVD-2020-2394

Malware in sbrugna...

EUVD-2019-9617

Malware in sbrugna...

EUVD-2018-19827

Malware in sbrugna...