Lucene search

14 matches found

EUVD
added 2025/10/03 8:7 p.m., 0 views

EUVD-2023-51802

Malicious code in bioql PyPI...

CVSS 7.5, AI score 7.5, EPSS 0.0006
Exploits: 0, References: 2
OSV
added 2025/04/15 8:39 p.m., 4 views

CVE-2025-32021 Weblate VCS credentials included in URL parameters are potentially logged and saved into browser history as plaintext

Weblate is a web based localization tool. Prior to version 5.11, when creating a new component from an existing component that has a source code repository URL specified in settings, this URL is included in the client's URL parameters during the creation process. If, for example, the source code...

CVSS 2.2, AI score 6.8, EPSS 0.0026
Exploits: 1, References: 4
Vulnrichment
added 2024/11/27 9:28 p.m., 9 views

CVE-2024-53260 Course Roster vulnerable to CSV Injection in Autolab

Autolab is a course management service that enables auto-graded programming assignments. A user can modify their first and/or last name to include a valid excel / spreadsheet formula. When an instructor downloads their course's roster and opens, this name will then be evaluated as a formula. This...

CVSS 6.8, AI score 6.9, EPSS 0.00548
Exploits: 0, References: 2
Cvelist
added 2024/11/27 9:28 p.m., 14 views

CVE-2024-53260 Course Roster vulnerable to CSV Injection in Autolab

Autolab is a course management service that enables auto-graded programming assignments. A user can modify their first and/or last name to include a valid excel / spreadsheet formula. When an instructor downloads their course's roster and opens, this name will then be evaluated as a formula. This...

CVSS 6.8, EPSS 0.00548
Exploits: 0, References: 2
NVD
added 2023/12/20 1:15 a.m., 13 views

CVE-2023-47704

IBM Security Guardium Key Lifecycle Manager 4.3 contains plain text hard-coded credentials or other secrets in source code repository. IBM X-Force ID: 271220...

CVSS 7.5, EPSS 0.0006
Exploits: 0, References: 2
CNNVD
added 2023/01/01 12:0 a.m., 1 views

Ingnovarq cross-site scripting vulnerability

Ingnovarq is a repository containing the source code of Ingnovarq by the individual developer Andrés David Montoya Aguirre. A cross-site scripting vulnerability exists in Ingnovarq, which stems from misuse of the parameter imagetitle leading to cross-site scripting...

CVSS 6.1, AI score 4.3, EPSS 0.0025
Exploits: 0, References: 4
NVD
added 2022/07/14 6:15 p.m., 12 views

CVE-2022-22460

IBM Security Verify Identity Manager 10.0 contains sensitive information in the source code repository that could be used in further attacks against the system. IBM X-Force ID: 225013...

CVSS 7.5, EPSS 0.00191
Exploits: 0, References: 2
Cvelist
added 2022/07/14 5:40 p.m., 15 views

CVE-2022-22460

IBM Security Verify Identity Manager 10.0 contains sensitive information in the source code repository that could be used in further attacks against the system. IBM X-Force ID: 225013...

CVSS 3, AI score 7.2, EPSS 0.00191
Exploits: 0, References: 2
CNNVD
added 2022/07/14 12:0 a.m., 0 views

IBM Security Verify Identity Manager security vulnerability

IBM Security Verify Identity Manager is a security verification identity manager from IBM USA. A security vulnerability exists in IBM Security Verify Identity Manager version 10.0 that originates from the inclusion of sensitive information in the source code repository...

CVSS 7.5, AI score 5.6, EPSS 0.00191
Exploits: 0, References: 3
Fedora
added 2021/10/16 8:46 p.m., 23 views

[SECURITY] Fedora 33 Update: libopenmpt-0.4.24-1.fc33

libopenmpt is a cross-platform C++ and C library to decode tracked music files (modules) into a raw PCM audio stream. libopenmpt is based on the player code of the OpenMPT project (Open ModPlug Tracker). In order to avoid code base fragmentation, libopenmpt is developed in the same source code...

AI score 2
Exploits: 0
Fedora
added 2021/04/10 11:6 p.m., 43 views

[SECURITY] Fedora 33 Update: libopenmpt-0.4.19-1.fc33

libopenmpt is a cross-platform C++ and C library to decode tracked music files (modules) into a raw PCM audio stream. libopenmpt is based on the player code of the OpenMPT project (Open ModPlug Tracker). In order to avoid code base fragmentation, libopenmpt is developed in the same source code...

AI score 2
Exploits: 0
Fedora
added 2021/04/06 12:17 a.m., 14 views

[SECURITY] Fedora 34 Update: libopenmpt-0.5.7-1.fc34

libopenmpt is a cross-platform C++ and C library to decode tracked music files (modules) into a raw PCM audio stream. libopenmpt is based on the player code of the OpenMPT project (Open ModPlug Tracker). In order to avoid code base fragmentation, libopenmpt is developed in the same source code...

AI score 2
Exploits: 0
OpenVAS
added 2020/05/20 12:0 a.m., 33 views

Cherokee Web Server <= 1.2.104 Multiple Vulnerabilities

Cherokee Web Server is prone to multiple vulnerabilities. Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...

AI score 7.9
Exploits: 0, References: 2
0day.today
added 2018/03/02 12:0 a.m., 138 views

Linux Kernel _sctp_make_chunk() Denial Of Service Vulnerability

Secunia Research has discovered a vulnerability in Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service). An error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash. The...

AI score 6.7, EPSS 0.0006
Exploits: 1