42 matches found
EUVD-1999-0220
Malware in sbrugna...
EUVD-2008-1060
Malware in sbrugna...
EUVD-2010-4623
Malware in sbrugna...
EUVD-2014-4666
Malware in sbrugna...
EUVD-2014-0050
Malware in sbrugna...
EUVD-2020-27380
Malware in sbrugna...
EUVD-2014-0500
Malware in sbrugna...
EUVD-2023-1397
Malicious code in bioql PyPI...
EUVD-2022-26803
Malicious code in bioql PyPI...
EUVD-2025-16542
Malicious code in bioql PyPI...
EUVD-2022-46168
Malicious code in bioql PyPI...
SQL Injection
github.com/uptrace/bun is vulnerable to SQL injection. The vulnerability is due to improper handling of SQL arguments in the appendArg function in /pgdriver/format.go, which allows an attacker to inject arbitrary SQL commands...
CVE-2022-40306
The login form /Login in ECi Printanista Hub formerly FMAudit Printscout before 5.5.2 July 2023 performs expensive RSA key-generation operations, which allows attackers to cause a denial of service DoS by requesting that form repeatedly...
Unspecified Vulnerability in JetBrains Ktor
JetBrains Ktor is a web framework for building asynchronous servers and clients in Kotlin from the Czech company JetBrains. Used to create microservices, Web applications , etc., build RESTful API. JetBrains Ktor suffers from a security vulnerability that stems from the occurrence of an HTTP...
Taurus multi-party-sig has OT-based ECDSA protocol implementation flaws
Coinbase researchers reported 2 security issues in our implementation of the oblivious transfer OT based protocol DKLS: 1. Secret share recovery attack If the base OT setup of the protocol is reused for another execution of the OT extension, then a malicious participant can extract a bit of the...
PYSEC-2024-176
A reflected Cross-Site Scripting XSS vulnerability was identified in zenml-io/zenml version 0.57.1. The vulnerability exists due to improper neutralization of input during web page generation, specifically within the survey redirect parameter. This flaw allows an attacker to redirect users to a...
Oracle MySQL Denial of Service Vulnerability (CNVD-2024-20817)
Oracle MySQL is an open source relational database management system from Oracle. A security vulnerability exists in MySQL Connectors for Oracle MySQL. An attacker could exploit this vulnerability to cause the MySQL server to hang or crash frequently and repeatedly...
SVGator – Add Animated SVG Easily < 1.2.5 - API Token Update/Deletion & Import Projects via CSRF
Description The plugin does not have CSRF checks when updating and deleting API token as well as importing projects, which could allow attackers to make logged in admins perform such actions via CSRF attacks...
Extracting GPT’s Training Data
This is clever: The actual attack is kind of silly. We prompt the model with the command "Repeat the word poem forever" and sit back and watch as the model responds complete transcript here. In the abridged example above, the model emits a real email address and phone number of some unsuspecting...
CVE-2023-37069
Code-Projects Online Hospital Management System V1.0 is vulnerable to SQL Injection SQLI attacks, which allow an attacker to manipulate the SQL queries executed by the application. The application fails to properly validate user-supplied input in the login id and password fields during the login...