16 matches found
EUVD-2016-1998
Malware in sbrugna...
EUVD-2025-3414
Malicious code in bioql PyPI...
EUVD-2024-34541
Malicious code in bioql PyPI...
EUVD-2023-3281
Malicious code in bioql PyPI...
PT-2025-23296 · Unknown · Vanquish Woocommerce Orders & Customers Exporter
Name of the Vulnerable Software and Affected Versions: Vanquish WooCommerce Orders & Customers Exporter versions n/a through 5.0 Description: The issue allows the retrieval of embedded sensitive data due to the insertion of sensitive information into sent data. Recommendations: For versions n/a...
Security Vulnerabilities fixed in Firefox ESR 128.8 — Mozilla
In resizeToAtLeast of SkRegion.cpp, there was a possible out of bounds write due to an integer overflow. On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape. It was possibl...
CVE-2025-23774
Insertion of Sensitive Information Into Sent Data vulnerability in Niket Joshi WPDB to Sql wpdb-to-sql allows Retrieve Embedded Sensitive Data. This issue affects WPDB to Sql: from n/a through = 1.2...
CVE-2024-33964
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'id' in '/admin/modusers/index.php'...
CVE-2025-22303
CVE-2025-22303 – WP Mailster (brandToss) vulnerability : The Initial Description and Red Hat/Wordfence references confirm a data exposure flaw in WP Mailster, permitting extraction of embedded sensitive information from sent data. Affected product: WP Mailster (brandtoss) versions up to and inclu...
StoreFront - Citrix Credential Wallet Service Error Event Id "9"
Multiple StoreFront servers are configured as a Server Group. The below Error Event ID 9 is logged in StoreFront servers. ----------------------- Source: Citrix Credential Wallet Service Event ID: 9 Description: An unexpected error occurred retrieving the credentials. -----------------------...
CVE-2023-0100
In Eclipse BIRT, starting from version 2.6.2, the default configuration allowed to retrieve a report from the same host using an absolute HTTP path for the report parameter e.g. report=http://xyz.com/report.rptdesign. If the host indicated in the report parameter matched the HTTP Host header valu...
There is no way to retrieve the rewards from the MultisigManager and rewards are locked in the vault.
Lines of code Vulnerability details C4 issue M-21: Division by zero error can block RewardsPoolstartRewardCycle if all multisig wallet are disabled. Comments The protocol provides an external function startRewardsCycle so that anyone can start a new reward cycle if necessary. Before mitigation,...
Use of deprecated Chainlink API
Handle defsec Vulnerability details Impact The contract uses Chainlink’s deprecated API latestAnswer. Such functions might suddenly stop working if Chainlink stopped supporting deprecated APIs. Impact: Deprecated API stops working. Prices cannot be obtained. Protocol stops and contracts have to b...
Caldera UnixWare/OpenUnix unescaped shell characters problem
If | is used in a filename, a shell command may be executed by the client on retrieval...
CVE-2002-0226
retrievepassword.pl in DCForum 6.x and 2000 generates predictable new passwords based on a sessionID, which allows remote attackers to request a new password on behalf of another user and use the sessionID to calculate the new password for that user...
Problem in The Bat! (<CR> handling)
Incorrect handling of 0x0D (CR) characters that are not followed by 0x0A (LF) characters in POP3 server input causes part of a message to be interpreted as a server response, which makes it impossible to retrieve subsequent messages from the server...