13 matches found
EUVD-2025-23603
Malicious code in bioql PyPI...
CVE-2025-8547
A vulnerability has been found in atjiu pybbs up to 6.0.0 and classified as critical. This vulnerability affects unknown code of the component Email Verification Handler. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the...
CVE-2025-8547
A vulnerability has been found in atjiu pybbs up to 6.0.0 and classified as critical. This vulnerability affects unknown code of the component Email Verification Handler. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the...
CVE-2025-8547
A vulnerability has been found in atjiu pybbs up to 6.0.0 and classified as critical. This vulnerability affects unknown code of the component Email Verification Handler. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the...
PT-2025-31905 · Unknown · Atjiu Pybbs
Name of the Vulnerable Software and Affected Versions: atjiu pybbs versions up to 6.0.0 Description: A critical issue exists in the Email Verification Handler component, leading to improper authorization. The attack can be initiated remotely, and the exploit has been publicly disclosed...
CVE-2025-5323
A vulnerability, which was classified as problematic, has been found in fossasia open-event-server 1.19.1. This issue affects the function sendemailchangeuseremail of the file /fossasia/open-event-server/blob/development/app/api/helpers/mail.py of the component Mail Verification Handler. The...
CVE-2025-5323 fossasia open-event-server Mail Verification mail.py send_email_change_user_email reliance on obfuscation or encryption of security-relevant inputs without integrity checking
A vulnerability, which was classified as problematic, has been found in fossasia open-event-server 1.19.1. This issue affects the function sendemailchangeuseremail of the file /fossasia/open-event-server/blob/development/app/api/helpers/mail.py of the component Mail Verification Handler. The...
CVE-2025-5323 fossasia open-event-server Mail Verification mail.py send_email_change_user_email reliance on obfuscation or encryption of security-relevant inputs without integrity checking
A vulnerability, which was classified as problematic, has been found in fossasia open-event-server 1.19.1. This issue affects the function sendemailchangeuseremail of the file /fossasia/open-event-server/blob/development/app/api/helpers/mail.py of the component Mail Verification Handler. The...
CVE-2025-5323
CVE-2025-5323 affects fossasia open-event-server 1.19.1, specifically the Mail Verification Handler’s function send_email_change_user_email . The issue is described as relying on obfuscation or encryption of security-relevant inputs without integrity checks, with possible remote activation and hi...
PT-2025-23188 · Fossasia · Open-Event-Server
Name of the Vulnerable Software and Affected Versions: fossasia open-event-server version 1.19.1 Description: A problematic issue has been found in the Mail Verification Handler component, specifically affecting the send email change user email function. This issue leads to reliance on obfuscatio...
Open Event Server 安全漏洞
Open Event Server is an open source Open Event Organizer Server for managing events from FOSSASIA, New Gabi. A security vulnerability exists in Open Event Server version 1.19.1, which stems from a lack of integrity checking in the Mail Verification Handler component where the...
edk2: Function GetEfiGlobalVariable2() return value not checked in DxeImageVerificationHandler()
REJECTED CVE A secure boot bypass vulnerability was found in EDK2 due to the lack of proper return value checks in the GetEfiGlobalVariable2 function. The API may fail if functions like AllocatePool or gRT-GetVariable fail. Without verifying the return value, an attacker could cause the API to...
edk2: Function GetEfiGlobalVariable2() return value not checked in DxeImageVerificationHandler()
REJECTED CVE A secure boot bypass vulnerability was found in EDK2 due to the lack of proper return value checks in the GetEfiGlobalVariable2 function. The API may fail if functions like AllocatePool or gRT-GetVariable fail. Without verifying the return value, an attacker could cause the API to...