15 matches found
EUVD-2017-14718
Malware in sbrugna...
EUVD-2010-3761
Malware in sbrugna...
EUVD-2020-27388
Malware in sbrugna...
EUVD-2024-16692
Malicious code in bioql PyPI...
EUVD-2024-54328
Malicious code in bioql PyPI...
EUVD-2023-52481
Malicious code in bioql PyPI...
EUVD-2024-46607
Malicious code in bioql PyPI...
EUVD-2022-25260
Malicious code in bioql PyPI...
CVE-2024-0978
The My Private Site plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0.14 via the REST API. This makes it possible for unauthenticated attackers to bypass the plugin's site privacy feature and view restricted page and post content...
CVE-2022-1783
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.3 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1. It may be possible for malicious group maintainers to add new members to a project within their...
CVE-2024-6875 Infinispan: infinispan: rest compare api has buffer leak
A vulnerability was found in the Infinispan component in Red Hat Data Grid. The REST compare API may have a buffer leak and an out of memory error can occur when sending continual requests with large POST data to the REST API...
CVE-2025-29924 XWiki uses the wrong wiki reference in AuthorizationManager
XWiki Platform is a generic wiki platform. Prior to 15.10.14, 16.4.6, and 16.10.0-rc-1, it's possible for an user to get access to private information through the REST API - but could also be through another API - when a sub wiki is using "Prevent unregistered users to view pages". The...
CVE-2024-12434 SureMembers <= 1.10.6 - Sensitive Information Exposure
The SureMembers plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.10.6 via the REST API. This makes it possible for unauthenticated attackers to extract sensitive data including restricted content...
PT-2023-16356 · WordPress · Rest Api To Miniprogram
Name of the Vulnerable Software and Affected Versions: REST API TO MiniProgram WordPress plugin versions through 4.6.1 Description: The issue concerns a lack of authorization and CSRF checks in an AJAX action within the REST API TO MiniProgram WordPress plugin. This allows any authenticated users...
CVE-2023-2733 MStore API <= 3.9.0 - Authentication Bypass
The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.0. This is due to insufficient verification on the user being supplied during the coupon redemption REST API request through the plugin. This makes it possible for unauthenticated...