11 matches found
EUVD-2022-44890
Malicious code in bioql PyPI...
CVE-2015-10062
A vulnerability, which was classified as problematic, was found in galaxy-data-resource up to 14.10.0. This affects an unknown part of the component Command Line Template. The manipulation leads to injection. Upgrading to version 14.10.1 is able to address this issue. The patch is named...
galaxy-data-resource injection vulnerability
galaxy-data-resource is an application by the individual developer blankenberg. An injection vulnerability exists in galaxy-data-resource version 14.10.0 and earlier. An attacker can exploit this vulnerability to inject arbitrary commands...
PT-2023-10241 · Unknown · Galaxy-Data-Resource
Name of the Vulnerable Software and Affected Versions: galaxy-data-resource versions up to 14.10.0
Description: A problematic issue was found in the Command Line Template component of galaxy-data-resource, leading to injection through manipulation of an unknown part. Upgrading to version 14.10.1...
CVE-2022-41712
Frappe version 14.10.0 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not correctly validate the information injected by the user in the importfile parameter...
CVE-2022-41712
Frappe version 14.10.0 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not correctly validate the information injected by the user in the importfile parameter...
Design/Logic Flaw
Frappe version 14.10.0 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not correctly validate the information injected by the user in the importfile parameter...
CVE-2022-41712
Frappe version 14.10.0 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not correctly validate the information injected by the user in the importfile parameter...
CVE-2022-41712
Frappe version 14.10.0 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not correctly validate the information injected by the user in the importfile parameter...
CVE-2022-41712
CVE-2022-41712 affects Frappe (framework) version 14.10.0. The issue arises from improper validation of user-supplied information in the import_file parameter, enabling an external attacker to remotely obtain arbitrary local files. The vulnerability description across sources confirms the impact ...
PT-2022-13876 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions:
GitLab CE/EE versions 1.0.2 through 14.8.5
GitLab CE/EE versions 14.9.0 through 14.9.3
GitLab CE/EE versions 14.10.0
Description: The issue is related to improper access control in the CI/CD cache mechanism, allowing a malicious actor with...