EUVD-2023-0845

Malicious code in bioql PyPI...

The Bastion 安全漏洞

The Bastion is an open source authentication system from OVHcloud. A security vulnerability exists in The Bastion that stems from a script that fails to properly sign a file, potentially leading to data integrity issues...

CouchAuth 注入漏洞

CouchAuth is a Perfood open source authentication API. An injection vulnerability exists in CouchAuth 0.21.2 and earlier versions, which stems from the presence of host header injection in NPM packages, allowing an attacker to trigger an SSTI via a specially crafted request to disclose informatio...

Mattermost Server < 8.1.11 / 9.x < 9.3.3 / 9.4.x < 9.4.4 / 9.5.x < 9.5.2 Multiple Vulnerabilities

The version of Mattermost Server installed on the remote host is prior to 8.1.11, 9.x prior to 9.3.3, 9.4.x prior to 9.4.4, or 9.5.x prior to 9.5.2. It is, therefore, affected by multiple vulnerabilities as referenced in the MMSA-2024-00306, MMSA-2023-00274, and MMSA-2024-00311 advisories: -...

HIMA Paul Hildebrandt Multiple Product Access Control Error Vulnerability

The HIMA Paul Hildebrandt F Series and the HIMA Paul Hildebrandt X Series are both a line of electronic components from HIMA Paul Hildebrandt. An access control error vulnerability exists in multiple HIMA Paul Hildebrandt products that originates from an unauthenticated attacker being able to sen...

Siemens SICAM GridEdge Source Authentication Error Vulnerability

SICAM GridEdge enables IoT functionality in your existing IEC61850 devices with just a few clicks.A source authentication error vulnerability in Siemens SICAM GridEdge is caused by the fact that the affected software does not apply cross-domain resource sharing CORS restrictions to critical...

Siemens SICAM GridEdge Essential 访问控制错误漏洞

SICAM GridEdge enables IoT functionality in your existing IEC61850 devices with just a few clicks.A source authentication error vulnerability in Siemens SICAM GridEdge is caused by the fact that the affected software does not apply cross-domain resource sharing CORS restrictions to critical...

多款 VMware 产品跨站请求伪造漏洞

Vmware vRealize Automation and others are products of Vmware, Inc. vRealize Automation is a management tool that provides self-service, supervised multi-cloud automation. vRealize Automation is a management tool that provides self-service, supervised multi-cloud automation. vRealize Automation is...

Juniper Networks Junos OS Code Issue Vulnerability (CNVD-2021-53343)

Juniper Networks Junos OS is a network operating system from Juniper Networks, Inc. that is specific to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. Junos OS is vulnerable to a code issue that stems from the use of a resource publ...

Juniper Networks Junos OS 代码问题漏洞

Juniper Networks Junos OS is a network operating system from Juniper Networks, Inc. that is specific to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. Junos OS is vulnerable to a code issue that stems from the use of a resource publ...