27 matches found
EUVD-2020-30122
Malware in sbrugna...
EUVD-2021-30615
Malicious code in bioql PyPI...
EUVD-2022-1227
Malicious code in bioql PyPI...
CVE-2021-43708
The Labeling tool in Titus Classification Suite 18.8.1910.140 allows users to avoid the generation of a classification label by using Excel's safe mode...
CVE-2020-9296
Netflix Titus uses Java Bean Validation JSR 380 custom constraint validators. When building custom constraint violation error messages, different types of interpolation are supported, including Java EL expressions. If an attacker can inject arbitrary data in the error message template being passe...
CVE-2020-9297
Netflix Titus, all versions prior to version v0.1.1-rc.274, uses Java Bean Validation JSR 380 custom constraint validators. When building custom constraint violation error messages, different types of interpolation are supported, including Java EL expressions. If an attacker can inject arbitrary...
titus-grinding.de Improper Access Control vulnerability OBB-3820465
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2021-43708
The Labeling tool in Titus Classification Suite 18.8.1910.140 allows users to avoid the generation of a classification label by using Excel's safe mode...
CVE-2021-43708
The Labeling tool in Titus Classification Suite 18.8.1910.140 allows users to avoid the generation of a classification label by using Excel's safe mode...
Design/Logic Flaw
The Labeling tool in Titus Classification Suite 18.8.1910.140 allows users to avoid the generation of a classification label by using Excel's safe mode...
CVE-2021-43708
The Labeling tool in Titus Classification Suite 18.8.1910.140 allows users to avoid the generation of a classification label by using Excel's safe mode...
CVE-2021-43708
The CVE-2021-43708 entry concerns Titus Classification Suite version 18.8.1910.140. The issue centers on the labeling tool, where a user can avoid generating a classification label by leveraging Excel’s Safe Mode. Documents explicitly tie the vulnerability to a bypass of the label generation mech...
Titus Classification Suite 安全漏洞
Titus Classification Suite is a data classification, data identification and security automation software from Titus Canada. A security vulnerability exists in Titus Classification Suite 18.8.1910.140 that allows users to avoid generating classification labels using Excel's Safe Mode...
Netflix Titus Remote Code Execution (CVE-2020-9297)
A remote code execution vulnerability exists in Netflix Titus. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system that will damage users system...
CVE-2020-9297
Netflix Titus, all versions prior to version v0.1.1-rc.274, uses Java Bean Validation JSR 380 custom constraint validators. When building custom constraint violation error messages, different types of interpolation are supported, including Java EL expressions. If an attacker can inject arbitrary...
CVE-2020-9297
Netflix Titus, all versions prior to version v0.1.1-rc.274, uses Java Bean Validation JSR 380 custom constraint validators. When building custom constraint violation error messages, different types of interpolation are supported, including Java EL expressions. If an attacker can inject arbitrary...
Code injection
Netflix Titus, all versions prior to version v0.1.1-rc.274, uses Java Bean Validation JSR 380 custom constraint validators. When building custom constraint violation error messages, different types of interpolation are supported, including Java EL expressions. If an attacker can inject arbitrary...
CVE-2020-9297
Netflix Titus, all versions prior to version v0.1.1-rc.274, uses Java Bean Validation JSR 380 custom constraint validators. When building custom constraint violation error messages, different types of interpolation are supported, including Java EL expressions. If an attacker can inject arbitrary...
CVE-2020-9297
CVE-2020-9297 affects Netflix Titus prior to v0.1.1-rc.274. The issue arises when building custom constraint violation messages with ConstraintValidatorContext.buildConstraintViolationWithTemplate(); an attacker could inject arbitrary data into the error message template, enabling execution of ar...
CVE-2020-9296
Netflix Titus uses Java Bean Validation JSR 380 custom constraint validators. When building custom constraint violation error messages, different types of interpolation are supported, including Java EL expressions. If an attacker can inject arbitrary data in the error message template being passe...