48 matches found
EUVD-2023-55661
Malicious code in bioql PyPI...
EUVD-2023-55663
Malicious code in bioql PyPI...
EUVD-2024-21193
Malicious code in bioql PyPI...
EUVD-2023-55662
Malicious code in bioql PyPI...
CVE-2024-23734
Cross Site Request Forgery vulnerability in in the upload functionality of the User Profile pages in savignano S/Notify before 2.0.1 for Bitbucket allow attackers to replace S/MIME certificate or PGP keys for arbitrary users via crafted link...
CVE-2024-23735
Cross Site Scripting XSS vulnerability in in the S/MIME certificate upload functionality of the User Profile pages in savignano S/Notify before 4.0.0 for Confluence allows attackers to manipulate user data via specially crafted certificate...
CVE-2024-23737
Cross Site Request Forgery CSRF vulnerability in savignano S/Notify before 4.0.2 for Jira allows attackers to allows attackers to manipulate a user's S/MIME certificate of PGP key via malicious link or email...
CVE-2024-23736
Cross Site Request Forgery CSRF vulnerability in savignano S/Notify before 4.0.2 for Confluence allows attackers to manipulate a user's S/MIME certificate of PGP key via malicious link or email...
CVE-2023-50930
An issue was discovered in savignano S/Notify before 4.0.2 for Jira. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visiting a...
CVE-2024-23737
Cross Site Request Forgery CSRF vulnerability in savignano S/Notify before 4.0.2 for Jira allows attackers to allows attackers to manipulate a user's S/MIME certificate of PGP key via malicious link or email...
CVE-2024-23736
Cross Site Request Forgery CSRF vulnerability in savignano S/Notify before 4.0.2 for Confluence allows attackers to manipulate a user's S/MIME certificate of PGP key via malicious link or email...
CVE-2024-23736
The CVE-2024-23736 entry concerns the savignano S/Notify product for Confluence, affected versions prior to 4.0.2. The vulnerability is a Cross-Site Request Forgery (CSRF) that enables an attacker to manipulate a user’s S/MIME certificate or PGP key via a malicious link or email. The root cause i...
CVE-2024-23737
Cross Site Request Forgery CSRF vulnerability in savignano S/Notify before 4.0.2 for Jira allows attackers to allows attackers to manipulate a user's S/MIME certificate of PGP key via malicious link or email...
Savignano Software Solutions S/Notify Security Breach
Savignano Software Solutions S/Notify is an email encryption program from Savignano Software Solutions, Germany. A security vulnerability previously existed in Savignano Software Solutions S/Notify version 4.0.2. An attacker exploited the vulnerability to manipulate a user's PGP key S/MIME...
CVE-2024-23736
Cross Site Request Forgery CSRF vulnerability in savignano S/Notify before 4.0.2 for Confluence allows attackers to manipulate a user's S/MIME certificate of PGP key via malicious link or email...
CVE-2024-23736
Cross Site Request Forgery CSRF vulnerability in savignano S/Notify before 4.0.2 for Confluence allows attackers to manipulate a user's S/MIME certificate of PGP key via malicious link or email...
PT-2024-20046 · Savignano · S/Notify
Name of the Vulnerable Software and Affected Versions: savignano S/Notify versions prior to 4.0.2 for Jira Description: A Cross Site Request Forgery CSRF issue allows attackers to manipulate a user's S/MIME certificate or PGP key via a malicious link or email. Recommendations: For versions prior ...
CVE-2024-23737
Cross Site Request Forgery CSRF vulnerability in savignano S/Notify before 4.0.2 for Jira allows attackers to allows attackers to manipulate a user's S/MIME certificate of PGP key via malicious link or email...
CVE-2024-23737
CVE-2024-23737 describes a CSRF vulnerability in Savignano S/Notify prior to 4.0.2 for Jira that can allow manipulation of a user’s S/MIME certificate or PGP key via a malicious link or email. Affected software: Savignano S/Notify before 4.0.2 for Jira. Root cause: CSRF leading to unintended cert...
CVE-2024-23735
Cross Site Scripting XSS vulnerability in in the S/MIME certificate upload functionality of the User Profile pages in savignano S/Notify before 4.0.0 for Confluence allows attackers to manipulate user data via specially crafted certificate...