6 matches found
EUVD-2025-204543
Cross Site Request Forgery CSRF vulnerability in Turms Admin API thru v0.10.0-SNAPSHOT allows attackers to gain escalated privileges...
CVE-2025-66906
Cross Site Request Forgery CSRF vulnerability in Turms Admin API thru v0.10.0-SNAPSHOT allows attackers to gain escalated privileges...
EUVD-2024-54901
Malicious code in bioql PyPI...
CVE-2024-50645
MallChat v1.0-SNAPSHOT has an authentication bypass vulnerability. An attacker can exploit this vulnerability to access API without any token...
CVE-2024-50644
CVE-2024-50644 affects zhisheng17 blog 3.0.1-SNAPSHOT. The provided documents describe an authentication bypass vulnerability that allows an attacker to access the API without a token. Affected component is the Blog software’s authentication mechanism; the root cause is an authentication bypass, ...
JVN#13947696 Ruby contains a vulnerability that prevents safe level 4 from functioning as a sandbox.
Impact An attacker may be able to bypass the security model of a server application and change the status of a untained object. Solution Products Affected Ruby 1.8.4-20060516 and earlier Snapshot versions As a workaround, we recommend that users update to the latest Ruby 1.8.4 snapshot version...