77 matches found
EUVD-2020-19169
Malware in sbrugna...
EUVD-2023-50095
Malicious code in bioql PyPI...
CVE-2023-45816
Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the stable branch and version 3.2.0.beta3 of the beta and tests-passed branches, there is an edge case where a bookmark reminder is sent and an unread notification is generated, but the underlying bookmarkabl...
CVE-2025-29923 go-redis allows potential out of order responses when `CLIENT SETINFO` times out during connection establishment
go-redis is the official Redis client library for the Go programming language. Prior to 9.5.5, 9.6.3, and 9.7.3, go-redis potentially responds out of order when CLIENT SETINFO times out during connection establishment. This can happen when the client is configured to transmit its identity, there...
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Mozilla Thunderbird 128.4.3 fixed: Folder corruption could cause Thunderbird to freeze and become unusable fixed: Message corruption could be propagated when reading mbox fixed: Folder compaction was not abandoned on shutdown fixed:...
CVE-2024-5240
A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /view/unreadmsg.php. The manipulation of the argument myindex leads to sql injection. The attack may be initiated remotely. The...
CVE-2024-5240
The CVE-2024-5240 entry pertains to Campcodes Complete Web-Based School Management System v1.0, with a SQL injection in the /view/unread_msg.php file caused by manipulating the my_index argument. Multiple connected sources confirm remote exploitation and public disclosure of the exploit. Concrete...
PT-2024-35238 · Campcodes · Campcodes Complete Web-Based School Management System
Name of the Vulnerable Software and Affected Versions: Campcodes Complete Web-Based School Management System version 1.0 Description: A critical issue affects the processing of the file /view/unread msg.php, where the manipulation of the my index argument leads to SQL injection. This issue can be...
BIT-DISCOURSE-2023-45816 Unread bookmark reminder notifications that the user cannot access can be seen
Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the stable branch and version 3.2.0.beta3 of the beta and tests-passed branches, there is an edge case where a bookmark reminder is sent and an unread notification is generated, but the underlying bookmarkabl...
CVE-2020-26627
A Time-Based SQL Injection vulnerability was discovered in Hospital Management System V4.0 which can allow an attacker to dump database information via a crafted payload entered into the 'Admin Remark' parameter under the 'Contact Us Queries - Unread Query' tab...
CVE-2020-26627
A Time-Based SQL Injection vulnerability was discovered in Hospital Management System V4.0 which can allow an attacker to dump database information via a crafted payload entered into the 'Admin Remark' parameter under the 'Contact Us Queries - Unread Query' tab...
Sql injection
A Time-Based SQL Injection vulnerability was discovered in Hospital Management System V4.0 which can allow an attacker to dump database information via a crafted payload entered into the 'Admin Remark' parameter under the 'Contact Us Queries - Unread Query' tab...
Discourse < 3.1.3, 3.2.x < 3.2.0.beta3 Multiple Vulnerabilities
Discourse is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"; ifdescripti...
Design/Logic Flaw
Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the stable branch and version 3.2.0.beta3 of the beta and tests-passed branches, there is an edge case where a bookmark reminder is sent and an unread notification is generated, but the underlying bookmarkabl...
CVE-2023-45816 Unread bookmark reminder notifications that the user cannot access can be seen
Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the stable branch and version 3.2.0.beta3 of the beta and tests-passed branches, there is an edge case where a bookmark reminder is sent and an unread notification is generated, but the underlying bookmarkabl...
CVE-2023-45816 Unread bookmark reminder notifications that the user cannot access can be seen
Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the stable branch and version 3.2.0.beta3 of the beta and tests-passed branches, there is an edge case where a bookmark reminder is sent and an unread notification is generated, but the underlying bookmarkabl...
PT-2023-29706 · Discourse · Discourse
Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 3.1.3 Discourse version 3.2.0.beta3 and earlier of the beta and tests-passed branches Description: Discourse is an open source platform for community discussion. There is an edge case where a bookmark reminder is...
Discourse 信息泄露漏洞
Discourse is an open source community discussion platform. The platform includes community, email, and chat room features. Discourse suffers from an information disclosure vulnerability that stems from the fact that the number of topics displayed by tabs counts only the unread regular topic limit...
SUSE CVE-2022-41721
A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be...
SUSE CVE-2022-42313
Xenstore: guests can let run xenstored out of memory This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service...