Lucene search
K

8 matches found

OSV
OSV
added 2025/10/20 5:55 p.m.4 views

GHSA-XVP7-8VM8-XFXX Actual Sync-server Gocardless service is logging sensitive data including bearer tokens and account numbers

Summary The GoCardless components in Actualbudget in are logging responses to STDOUT in a parsed format using console.logand console.debug Which in this version of node is an alias for console.log. This is exposing sensitive information in log files including, but not limited to: - Gocardless...

4.2CVSS6.9AI score
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-3968

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.00239EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-29922

Malicious code in bioql PyPI...

4.3CVSS5AI score0.00771EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/02/11 12:37 a.m.5 views

CVE-2025-24872 Missing Authorization check in SAP ABAP Platform (ABAP Build Framework)

The ABAP Build Framework in SAP ABAP Platform allows an authenticated attacker to gain unauthorized access to a specific transaction. By executing the add-on build functionality within the ABAP Build Framework, an attacker could call the transaction and view its details. This has a limited impact...

4.3CVSS4.7AI score0.00239EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/02/11 12:37 a.m.18 views

CVE-2025-24872 Missing Authorization check in SAP ABAP Platform (ABAP Build Framework)

The ABAP Build Framework in SAP ABAP Platform allows an authenticated attacker to gain unauthorized access to a specific transaction. By executing the add-on build functionality within the ABAP Build Framework, an attacker could call the transaction and view its details. This has a limited impact...

4.3CVSS0.00239EPSS
Exploits0References2
Hacker One
Hacker One
added 2019/12/09 12:47 p.m.18 views

Razer: Improper Authorization at https://api-my.pay.razer.com/v1/trxDetail?trxId=[Id] allowing unauthorised access to other user's transaction details

The tester determined that the Razer Pay backend server could be exploited to obtain transaction details from another user. Razer Fintech appreciates the detailed report and clear PoC...

2.3AI score
Exploits0
Hacker One
Hacker One
added 2018/06/12 6:56 a.m.20 views

Monero: Misreporting of received amount by show_transfers

Summary: A sender may cause showtransfers to report a higher amount that was actually sent on the recipient's showtransfers output. Description: Due to a flaw in processnewtransaction in wallet2.cpp, if the tx pubkey is present multiple times, it will decode outputs correctly as many times, and a...

6.9AI score
Exploits0
Cisco Threats
Cisco Threats
added 2014/01/22 4:58 p.m.12 views

Threat Outbreak Alert: Fake Transaction Details Notification Email Messages on January 21, 2014

Medium Alert ID: 32515 First Published: 2014 January 22 16:58 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain transaction details for the recipient. The text in the email message attempts to convince the recipient to ope...

6.9AI score
Exploits0
Rows per page
Query Builder