592 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-8019
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in WebApp in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform UI spoofing via a crafted HTML page...
EUVD-2004-1736
Malware in sbrugna...
EUVD-2014-0183
Malware in sbrugna...
EUVD-2007-1172
Malware in sbrugna...
EUVD-2023-3139
Malicious code in bioql PyPI...
CVE-2006-7187
Cross-site scripting XSS vulnerability in the showrecentsearches function in cgi-lib/user-lib/search.pl in web-app.net WebAPP before 20060909 allows remote attackers to inject arbitrary web script or HTML via the srch variable...
Malicious code in tiktok_4d_webapp (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ee7b2f7d0a2a643de495f8b050981233231b51ed49c2dabb3e2de7b908b9fa7a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
.NET Remote Code Execution Vulnerability
Microsoft Security Advisory CVE-2024-43498 | .NET Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 9.0. This advisory also provides guidance on what developers can do to update their applicatio...
CVE-2024-41618
Money Manager EX WebApp web-money-manager-ex 1.2.2 is vulnerable to SQL Injection in the transactiondeletegroup function. The vulnerability is due to improper sanitization of user input in the TrDeleteArr parameter, which is directly incorporated into an SQL query...
CVE-2024-41617
Money Manager EX WebApp web-money-manager-ex 1.2.2 is vulnerable to Incorrect Access Control. The redirectifnotloggedin function in functionssecurity.php fails to terminate script execution after redirecting unauthenticated users. This flaw allows an unauthenticated attacker to upload arbitrary...
CVE-2024-41617
Money Manager EX WebApp web-money-manager-ex 1.2.2 is vulnerable to Incorrect Access Control. The redirectifnotloggedin function in functionssecurity.php fails to terminate script execution after redirecting unauthenticated users. This flaw allows an unauthenticated attacker to upload arbitrary...
CVE-2024-41617
Money Manager EX WebApp (web-money-manager-ex) 1.2.2 is vulnerable to Incorrect Access Control: the redirect_if_not_loggedin function in functions_security.php does not terminate after redirecting unauthenticated users. This allows an unauthenticated attacker to upload arbitrary files, potentiall...
CVE-2024-41618
CVE-2024-41618 affects Money Manager EX WebApp (web-money-manager-ex) 1.2.2 and is caused by improper sanitization of the TrDeleteArr parameter in transaction_delete_group, allowing SQL injection. The vulnerability is described consistently across Red Hat, NVD, OSV, CNNVD, CVEList/CVE pages, and ...
CVE-2024-41618
Money Manager EX WebApp web-money-manager-ex 1.2.2 is vulnerable to SQL Injection in the transactiondeletegroup function. The vulnerability is due to improper sanitization of user input in the TrDeleteArr parameter, which is directly incorporated into an SQL query...
CVE-2024-41618
Money Manager EX WebApp web-money-manager-ex 1.2.2 is vulnerable to SQL Injection in the transactiondeletegroup function. The vulnerability is due to improper sanitization of user input in the TrDeleteArr parameter, which is directly incorporated into an SQL query...
CVE-2024-41617
Money Manager EX WebApp web-money-manager-ex 1.2.2 is vulnerable to Incorrect Access Control. The redirectifnotloggedin function in functionssecurity.php fails to terminate script execution after redirecting unauthenticated users. This flaw allows an unauthenticated attacker to upload arbitrary...
CVE-2024-41617
Money Manager EX WebApp web-money-manager-ex 1.2.2 is vulnerable to Incorrect Access Control. The redirectifnotloggedin function in functionssecurity.php fails to terminate script execution after redirecting unauthenticated users. This flaw allows an unauthenticated attacker to upload arbitrary...
CVE-2024-8033
Inappropriate implementation in WebApp Installs in Google Chrome on Windows prior to 128.0.6613.84 allowed an attacker who convinced a user to install a malicious application to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2024-8033
Inappropriate implementation in WebApp Installs in Google Chrome on Windows prior to 128.0.6613.84 allowed an attacker who convinced a user to install a malicious application to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
Cross-site Scripting (XSS)
org.dspace:dspace-server-webapp is vulnerable to Cross-site Scripting XSS. The vulnerability is caused by improper validation of download behavior for HTML, XML, or JavaScript Bitstreams, allowing embedded JavaScript to execute in the user's browser, which could potentially lead to XSS attacks...