26 matches found
EUVD-2024-53641
Malicious code in bioql PyPI...
An issue in kubevirt kubevirt v1.2.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component.
...
CVE-2025-50708
An issue in Perplexity AI GPT-4 v.2.51.0 allows a remote attacker to obtain sensitive information via the token component in the shared chat URL...
CVE-2025-50708
CVE-2025-50708 affects Perplexity AI GPT-4 v2.51.0. The issue is in the token component of the shared chat URL, enabling a remote attacker to obtain sensitive information (confidentiality impact). CVSS: Network attack vector, low attack complexity, no privileges required, no user interaction, wit...
CVE-2024-57604
An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component...
MaysWind ezBookkeeping has Improper Privilege Management
An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component...
GHSA-MPG8-8X9C-P9GV MaysWind ezBookkeeping has Improper Privilege Management
An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component...
CVE-2024-57604
An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component...
CVE-2024-57604
An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component...
CVE-2024-57604
CVE-2024-57604 affects MaysWind ezBookkeeping 0.7.0. A remote attacker can escalate privileges via the token component. CVSS v3.1 shows: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H with base score 9.8 (CRITICAL). Connected sources also corroborate the same product and issue. The available documents do no...
PT-2025-6753 · Mayswind · Mayswind Ezbookkeeping
Name of the Vulnerable Software and Affected Versions: MaysWind ezBookkeeping version 0.7.0 Description: An issue in MaysWind ezBookkeeping allows a remote attacker to escalate privileges via the token component. Recommendations: For MaysWind ezBookkeeping version 0.7.0, consider disabling the...
ezBookkeeping 安全漏洞
ezBookkeeping is a lightweight personal bookkeeping application by mayswind individual developers. A security vulnerability exists in ezBookkeeping version 0.7.0, which stems from a vulnerability contained in the token component that results in an elevation of privilege vulnerability...
CVE-2024-57604
An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component...
CVE-2024-57604
An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component...
SUSE CVE-2024-33394
An issue in kubevirt kubevirt v1.2.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component...
GHSA-WCCG-V638-J9Q2 karmada vulnerable to arbitrary code execution via a crafted command
An issue in karmada-io karmada v1.9.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component...
karmada vulnerable to arbitrary code execution via a crafted command
An issue in karmada-io karmada v1.9.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component...
AZL-64791 CVE-2024-33394 affecting package kubevirt for versions less than 1.5.0-2
An issue in kubevirt kubevirt v1.2.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component...
AZL-64787 CVE-2024-33394 affecting package kubevirt for versions less than 0.59.0-30
An issue in kubevirt kubevirt v1.2.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component...
CVE-2024-33394
An issue in kubevirt kubevirt v1.2.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component...