12 matches found
EUVD-2022-1216
Malicious code in bioql PyPI...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure due to improper handling of property access on reflection types and static properties/fields. An attacker can list installed nuget packages' names and versions through attributes and base types they require by...
System.Linq.Dynamic.Core security vulnerability
System.Linq.Dynamic.Core is a .NET Core/Standard port of the Microsoft assembly for .NET 4.0 Dynamic Language Features open-sourced by ZZZ Projects. A security vulnerability exists in System.Linq.Dynamic.Core version 1.4.6, which stems from a vulnerability that allows remote access to properties ...
CVE-2024-39677 NHibernate SQL injection vulnerability in discriminator mappings, static fields referenced in HQL, and some utilities
NHibernate is an object-relational mapper for the .NET framework. A SQL injection vulnerability exists in some types implementing ILiteralType.ObjectToSQLString. Callers of these methods are exposed to the vulnerability, which includes mappings using inheritance with discriminator values; HQL...
CVE-2024-39677 NHibernate SQL injection vulnerability in discriminator mappings, static fields referenced in HQL, and some utilities
NHibernate is an object-relational mapper for the .NET framework. A SQL injection vulnerability exists in some types implementing ILiteralType.ObjectToSQLString. Callers of these methods are exposed to the vulnerability, which includes mappings using inheritance with discriminator values; HQL...
NHibernate SQL injection vulnerability in discriminator mappings, static fields referenced in HQL, and some utilities
Impact A SQL injection vulnerability exists in some types implementing ILiteralType.ObjectToSQLString. Callers of these methods are exposed to the vulnerability, which includes: - Mappings using inheritance with discriminator values: - The discriminator value could be written in the mapping in a...
GHSA-FG4Q-CCQ8-3R5Q NHibernate SQL injection vulnerability in discriminator mappings, static fields referenced in HQL, and some utilities
Impact A SQL injection vulnerability exists in some types implementing ILiteralType.ObjectToSQLString. Callers of these methods are exposed to the vulnerability, which includes: - Mappings using inheritance with discriminator values: - The discriminator value could be written in the mapping in a...
GHSA-VWX4-FRPR-W27J Improper Synchronization in Jenkins Convertigo Mobile Platform Plugin
Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier uses static fields to store job configuration information, allowing attackers with Item/Configure permission to capture passwords of the jobs that will be configured...
Improper Synchronization in Jenkins Convertigo Mobile Platform Plugin
Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier uses static fields to store job configuration information, allowing attackers with Item/Configure permission to capture passwords of the jobs that will be configured...
CVE-2022-25210
Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier uses static fields to store job configuration information, allowing attackers with Item/Configure permission to capture passwords of the jobs that will be configured...
CVE-2022-25210
Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier uses static fields to store job configuration information, allowing attackers with Item/Configure permission to capture passwords of the jobs that will be configured...
CVE-2022-25210
Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier uses static fields to store job configuration information, allowing attackers with Item/Configure permission to capture passwords of the jobs that will be configured...