33 matches found
EUVD-2021-24341
Malware in sbrugna...
EUVD-2020-5539
Malware in sbrugna...
EUVD-2021-30436
Malicious code in bioql PyPI...
EUVD-2021-7669
Malicious code in bioql PyPI...
EUVD-2024-52723
Malicious code in bioql PyPI...
EUVD-2022-49555
Malicious code in bioql PyPI...
EUVD-2023-59323
Malicious code in bioql PyPI...
EUVD-2022-39793
Malicious code in bioql PyPI...
CVE-2025-55743
UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. Before 0.2.1, the image upload at the user creation feature performs only client-side file type validation. A user can capture the request by uploading an image, capture the request through a Proxy...
Azure Linux 3.0 Security Update: libsoup (CVE-2025-32912)
The version of libsoup installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32912 advisory. - A flaw was found in libsoup, where SoupAuthDigest is vulnerable to a NULL pointer dereference. The HTTP...
CVE-2024-54997
MonicaHQ v4.1.1 was discovered to contain an authenticated Client-Side Injection vulnerability via the entry text field at /journal/entries/ID/edit...
CVE-2023-7141
A vulnerability was found in code-projects Client Details System 1.0. It has been classified as problematic. Affected is an unknown function of the file /admin/update-clients.php. The manipulation of the argument uid leads to sql injection. The exploit has been disclosed to the public and may be...
CVE-2023-42787
A client-side enforcement of server-side security (CWE-602) vulnerability in Fortinet FortiManager version 7.4.0 and before 7.2.3 and FortiAnalyzer version 7.4.0 and before 7.2.3 may allow a remote attacker with low privileges to access a privileged web console via client-side code execution...
CVE-2022-29982
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/maintenance/manageservice.php?id=...
CVE-2022-36111
immudb is a database with built-in cryptographic proof and verification. In versions prior to 1.4.1, a malicious immudb server can provide a falsified proof that will be accepted by the client SDK signing a falsified transaction replacing the genuine one. This situation cannot be triggered by a...
CVE-2024-7487
WSO2 Identity Server 7.0.0 is affected by an improper authentication vulnerability that allows bypass of app-native authentication when an invalid object is passed, potentially compromising the integrity of the authentication process. The issue affects the authentication flow (client verification...
CVE-2025-33137
Affected product: IBM Aspera Faspex 5 (versions 5.0.0–5.0.12). Vulnerability cause: client-side enforcement of server-side security enables an authenticated user to access sensitive information or perform actions on behalf of another user. Impact: potential disclosure of sensitive data and unauth...
CVE-2020-25251
An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. Client-side authentication is used for critical functions such as adding users or retrieving sensitive information...
CVE-2019-15541
rustls-mio/examples/tlsserver.rs in the rustls crate before 0.16.0 for Rust allows attackers to cause a denial of service (loop of connevent and ready) by arranging for a client to never be writable...
CVE-2025-46193
SourceCodester Client Database Management System 1.0 is vulnerable to Remote code execution via Arbitrary file upload in userproposalupdateorder.php...