6 matches found
EUVD-2025-31763
Malicious code in bioql PyPI...
CVE-2024-25122 Cross-site Scripting sidekiq-unique-jobs UI server vulnerability
sidekiq-unique-jobs is an open source project which prevents simultaneous Sidekiq jobs with the same unique arguments to run. Specially crafted GET request parameters handled by any of the following endpoints of sidekiq-unique-jobs' "admin" web UI, allow a super-user attacker, or an unwitting, bu...
CVE-2024-25122 Cross-site Scripting sidekiq-unique-jobs UI server vulnerability
sidekiq-unique-jobs is an open source project which prevents simultaneous Sidekiq jobs with the same unique arguments to run. Specially crafted GET request parameters handled by any of the following endpoints of sidekiq-unique-jobs' "admin" web UI, allow a super-user attacker, or an unwitting, bu...
CVE-2024-25122
CVE-2024-25122 affects sidekiq-unique-jobs (admin UI) with a Cross-Site Scripting vulnerability exploitable via crafted GET parameters to /changelogs, /locks, or /expiring_locks. Public reports (GHSA, OSV, Red Hat, NVD) describe a reflected XSS that could exfiltrate cookies, sessions, or localSto...
user fund lose in deposit() of PirexERC4626 contract because A MALICIOUS EARLY USER/ATTACKER CAN MANIPULATE THE VAULT’S PRICEPERSHARE TO TAKE AN UNFAIR SHARE OF FUTURE USERS’ DEPOSITS
Lines of code Vulnerability details Impact This is a well-known attack vector for new contracts that utilize pricePerShare for accounting. Attacker can cause totalAssets / totalSupply ratio to go as high as he wants and then because of rounding error in convertToShares lower amount of share would...
CVE-2022-1280
A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. This flaw allows a local user privilege attacker to cause a denial of service (DoS) or a kernel information leak...