11 matches found
CVE-2026-25876
PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the backend/src/routes/results.routes.ts verifies authentication but fails to enforce object-level authorization ownership checks. For example, this can be used to return all results for an assessment...
EUVD-2022-2088
Malicious code in bioql PyPI...
EUVD-2025-6258
Malicious code in bioql PyPI...
PT-2025-31393 · Autogpt · Autogpt
Name of the Vulnerable Software and Affected Versions: AutoGPT versions prior to 0.6.16. Description: AutoGPT is a platform for creating, deploying, and managing continuous artificial intelligence agents. The external API’s get graph execution results endpoint has an authorization bypass. While th...
CVE-2024-37763
MachForm up to version 19 is affected by an unauthenticated stored cross-site scripting vulnerability that affects users with valid sessions who can view compiled form results...
CVE-2025-2271
A vulnerability exists in Issuetrak v17.2.2 and prior that allows a low-privileged user to access audit results of other users by exploiting an Insecure Direct Object Reference (IDOR) vulnerability in the Issuetrak audit component. The vulnerability enables unauthorized access to sensitive...
CVE-2025-1198
An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 meant that long-lived connections in ActionCable potentially allowed revoked Personal Access Tokens access to streaming results...
CVE-2022-43414
Jenkins NUnit Plugin 0.27 and earlier implements an agent-to-controller message that parses files inside a user-specified directory as test results, allowing attackers able to control agent processes to obtain test results from files in an attacker-specified directory on the Jenkins controller...
Jenkins Plugin xUnit Security Vulnerability
Jenkins is an open source automation server that provides hundreds of plugins to support building, deploying and automating any project. A security vulnerability exists in Jenkins Plugin xUnit 3.0.8 and earlier versions, which can be exploited by an attacker...
PYSEC-2021-126
A flaw was found in Ansible if an ansible user sets ANSIBLE_ASYNC_DIR to a subdirectory of a world writable directory. When this occurs, there is a race condition on the managed machine. A malicious, non-privileged account on the remote machine can exploit the race condition to access the async...
Common Admission Test (CAT) Site Hacked and this buzz makes IIMs website go offline!
The Indian Institutes of Management on Monday dismantled the web portal of their Common Admission Test (CAT) amid fears that some students managed to access their results in the 2010 CAT through the website ten days before schedule. The IIMs dismissed speculation that the CAT website "www.catiim.in...