48 matches found
EUVD-2021-1267
Malware in sbrugna...
EUVD-2021-10427
Malware in sbrugna...
EUVD-2023-46737
Malicious code in bioql PyPI...
EUVD-2023-46738
Malicious code in bioql PyPI...
Improper Certificate Validation
Overview Affected versions of this package are vulnerable to Improper Certificate Validation due to improper mTLS configuration handling. An attacker can exploit this misconfiguration to establish unauthorized connections to Redis instances that are intended to require client certificate...
MAL-2025-10528 Malicious code in @zalastax/nolb-_tyk (npm)
The package @zalastax/nolb-tyk was found to contain malicious code...
Malicious code in @zalastax/nolb-_tyk (npm)
The package @zalastax/nolb-tyk was found to contain malicious code...
CVE-2023-42283
Blind SQL injection in apiid parameter in Tyk Gateway version 5.0.3 allows attacker to access and dump the database via a crafted SQL query...
CVE-2023-42284
Blind SQL injection in apiversion parameter in Tyk Gateway version 5.0.3 allows attacker to access and dump the database via a crafted SQL query...
Authentication Bypass
github.com/tyktechnologies/tyk-identity-broker is vulnerable to Authentication Bypass. The vulnerability is due to the Go XML parser not guaranteeing integrity during the XML round-trip encoding/decoding XML data, which allows for the bypassing of SAML authentication...
GO-2022-0906 Authentication Bypass in tyk-identity-broker in github.com/TykTechnologies/tyk-identity-broker
Authentication Bypass in tyk-identity-broker in github.com/TykTechnologies/tyk-identity-broker...
Malicious code in tyk-developer-portal (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d6830a4dad414db435db7f758c7ca9a035d4571a5f4e1053c017e1ee603629e6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-1647 Malicious code in tyk-developer-portal (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d6830a4dad414db435db7f758c7ca9a035d4571a5f4e1053c017e1ee603629e6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2023-42283
Blind SQL injection in apiid parameter in Tyk Gateway version 5.0.3 allows attacker to access and dump the database via a crafted SQL query...
CVE-2023-42284
Blind SQL injection in apiversion parameter in Tyk Gateway version 5.0.3 allows attacker to access and dump the database via a crafted SQL query...
CVE-2023-42283
Blind SQL injection in apiid parameter in Tyk Gateway version 5.0.3 allows attacker to access and dump the database via a crafted SQL query...
CVE-2023-42284
Blind SQL injection in apiversion parameter in Tyk Gateway version 5.0.3 allows attacker to access and dump the database via a crafted SQL query...
CVE-2023-42283
Blind SQL injection in apiid parameter in Tyk Gateway version 5.0.3 allows attacker to access and dump the database via a crafted SQL query...
Sql injection
Blind SQL injection in apiid parameter in Tyk Gateway version 5.0.3 allows attacker to access and dump the database via a crafted SQL query...
Sql injection
Blind SQL injection in apiversion parameter in Tyk Gateway version 5.0.3 allows attacker to access and dump the database via a crafted SQL query...