107 matches found
EUVD-2019-17928
Malware in sbrugna...
EUVD-2003-0978
Malware in sbrugna...
EUVD-2015-3271
Malware in sbrugna...
EUVD-2025-2042
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2020-36403
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HTSlib through 1.10.2 allows out-of-bounds write access in vcfparseformat called from vcfparse and vcfread. CVE-2020-36403 Note that Nessus relies on the presen...
CVE-2024-47531
Scout is a web-based visualizer for VCF-files. Due to the lack of sanitization in the filename, it is possible bypass intended file extension and make users download malicious files with any extension. With malicious content injected inside the file data and users unknowingly downloading it and...
CVE-2025-1168
A vulnerability was found in SourceCodester Contact Manager with Export to VCF 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/delete-contact.php. The manipulation of the argument contact leads to sql injection. The attack can be initiated...
SUSE CVE-2024-47530
Scout is a web-based visualizer for VCF-files. Open redirect vulnerability allows performing phishing attacks on users by redirecting them to malicious page. /login API endpoint is vulnerable to open redirect attack via next parameter due to absence of sanitization logic. Additionally, due to lac...
CGA-VCF8-5CHR-MM2W
Bulletin has no description...
CVE-2024-47531 Scout contains insufficient output escaping of attachment names
Scout is a web-based visualizer for VCF-files. Due to the lack of sanitization in the filename, it is possible bypass intended file extension and make users download malicious files with any extension. With malicious content injected inside the file data and users unknowingly downloading it and...
CVE-2024-47531 Scout contains insufficient output escaping of attachment names
Scout is a web-based visualizer for VCF-files. Due to the lack of sanitization in the filename, it is possible bypass intended file extension and make users download malicious files with any extension. With malicious content injected inside the file data and users unknowingly downloading it and...
CVE-2024-47531 Scout contains insufficient output escaping of attachment names
Scout is a web-based visualizer for VCF-files. Due to the lack of sanitization in the filename, it is possible bypass intended file extension and make users download malicious files with any extension. With malicious content injected inside the file data and users unknowingly downloading it and...
CVE-2024-47531
Scout is a web-based visualizer for VCF-files. The issue arises from insufficient sanitization of download filenames, allowing bypass of the intended file extension and the delivery of files with any extension. Malicious content embedded in the file could be downloaded and opened by users, potent...
CVE-2024-47530 Scout contains an Open Redirect on Login via `next`
Scout is a web-based visualizer for VCF-files. Open redirect vulnerability allows performing phishing attacks on users by redirecting them to malicious page. /login API endpoint is vulnerable to open redirect attack via next parameter due to absence of sanitization logic. Additionally, due to lac...
CVE-2024-47530 Scout contains an Open Redirect on Login via `next`
Scout is a web-based visualizer for VCF-files. Open redirect vulnerability allows performing phishing attacks on users by redirecting them to malicious page. /login API endpoint is vulnerable to open redirect attack via next parameter due to absence of sanitization logic. Additionally, due to lac...
CVE-2024-47530 Scout contains an Open Redirect on Login via `next`
Scout is a web-based visualizer for VCF-files. Open redirect vulnerability allows performing phishing attacks on users by redirecting them to malicious page. /login API endpoint is vulnerable to open redirect attack via next parameter due to absence of sanitization logic. Additionally, due to lac...
CVE-2024-8380
A vulnerability was found in SourceCodester Contact Manager with Export to VCF 1.0. It has been rated as critical. This issue affects some unknown processing of the file /endpoint/delete-account.php of the component Delete Contact Handler. The manipulation of the argument contact leads to sql...
CVE-2024-8380 SourceCodester Contact Manager with Export to VCF Delete Contact delete-account.php sql injection
A vulnerability was found in SourceCodester Contact Manager with Export to VCF 1.0. It has been rated as critical. This issue affects some unknown processing of the file /endpoint/delete-account.php of the component Delete Contact Handler. The manipulation of the argument contact leads to sql...
CVE-2024-8380
SourceCodester Contact Manager with Export to VCF 1.0 contains a SQL injection vulnerability in the Delete Contact Handler, specifically the /endpoint/delete-account.php endpoint. The issue arises from improper handling of the contact parameter, allowing remote exploitation. Public disclosure of ...
CVE-2024-8380 SourceCodester Contact Manager with Export to VCF Delete Contact delete-account.php sql injection
A vulnerability was found in SourceCodester Contact Manager with Export to VCF 1.0. It has been rated as critical. This issue affects some unknown processing of the file /endpoint/delete-account.php of the component Delete Contact Handler. The manipulation of the argument contact leads to sql...