EUVD-2023-12191

Malicious code in bioql PyPI...

CVE-2023-0090 Proofpoint Enterprise Protection webservices unauthenticated RCE

The webservices in Proofpoint Enterprise Protection PPS/POD contain a vulnerability that allows for an anonymous user to execute remote code through 'eval injection'. Exploitation requires network access to the webservices API, but such access is a non-standard configuration. This affects all...

Bugzilla < 4.0.16 / 4.2.12 / 4.4.7 / 5.0rc1 Multiple Vulnerabilities

According to its banner, the version of Bugzilla running on the remote host is potentially affected by the following vulnerabilities : - A command injection vulnerability exists due to a failure to properly utilize the 3 arguments form for open. This allows an authenticated, remote attacker with...

FreeBSD : Bugzilla multiple security issues (dc2d76df-a595-11e4-9363-20cf30e32f6d)

Bugzilla Security Advisory Command Injection Some code in Bugzilla does not properly utilize 3 arguments form for open and it is possible for an account with editcomponents permissions to inject commands into product names and other attributes. Information Leak Using the WebServices API, a user c...