5 matches found
EUVD-2023-0797
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-41125
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Scrapy is a high-level web crawling and scraping framework for Python. If you use HttpAuthMiddleware i.e. the httpuser and httppass spider attributes for HTTP...
PT-2024-32318 · Unknown · Referencevalidator +1
Name of the Vulnerable Software and Affected Versions: referencevalidator versions prior to 2.5.1 Description: The profile location routine in the referencevalidator commons package is vulnerable to XML External Entities attack due to insecure defaults of the used Woodstox WstxInputFactory. A...
PT-2021-22431 · Cachet · Cachet
Name of the Vulnerable Software and Affected Versions: Cachet versions prior to 2.5.1 Description: Cachet is an open source status page system. Authenticated users, regardless of their privileges, can trick Cachet and install the instance again, leading to arbitrary code execution on the server...
CVE-2018-11774
Apache VCL versions 2.1 through 2.5 do not properly validate form input when adding and removing VMs to and from hosts. The form data is then used in SQL statements. This allows for an SQL injection attack. Access to this portion of a VCL system requires admin level rights. Other layers of securi...