695 matches found
[SECURITY] Fedora 43 Update: rclone-1.74.3-1.fc43
"rsync for cloud storage" - Google Drive, S3, Dropbox, Backblaze B2, One Driv e, Swift, Hubic, Wasabi, Google Cloud Storage, Azure Blob, Azure Files, Yandex Files...
[SECURITY] Fedora 44 Update: rclone-1.74.3-1.fc44
"rsync for cloud storage" - Google Drive, S3, Dropbox, Backblaze B2, One Driv e, Swift, Hubic, Wasabi, Google Cloud Storage, Azure Blob, Azure Files, Yandex Files...
Malicious code in yastatic-s3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6abc47a32b453ee0a12ea33e7512ccdea60ed1868839e952cbeedaccd002a06 Package name mimics Yandex's yastatic static-asset namespace. On install, postinstall.js performs an unconditional plain-HTTP GET to a hardcoded...
Malicious code in yandex-geobase (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f6219d513896736aee31ce33719d6ae2d1f5b03293ecdfe884d944bbb3eb99a [email protected] squats the internal-sounding name 'yandex-geobase' and ships a postinstall script that performs an HTTP GET to a hardcoded bare-...
MAL-2026-6574 Malicious code in yandex-geobase (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f6219d513896736aee31ce33719d6ae2d1f5b03293ecdfe884d944bbb3eb99a [email protected] squats the internal-sounding name 'yandex-geobase' and ships a postinstall script that performs an HTTP GET to a hardcoded bare-...
CVE-2025-14545
The YML for Yandex Market WordPress plugin before 5.0.26 is vulnerable to Remote Code Execution via the feed generation process...
CVE-2026-10549
LDAP filter injection vulnerability in Yandex Database prior to 25.3.1.25 allows a remote attacker with valid LDAP credentials to bypass group membership checks resulting in unauthorized access to the database...
CVE-2026-10549
LDAP filter injection vulnerability in Yandex Database prior to 25.3.1.25 allows a remote attacker with valid LDAP credentials to bypass group membership checks resulting in unauthorized access to the database...
CVE-2026-10549
CVE-2026-10549 describes an LDAP filter injection in Yandex Database leading to bypass of group membership checks and unauthorized access for an attacker with valid LDAP credentials. Affected product: Yandex Database before version 25.3.1.25. Root cause: LDAP filter injection in the authenticatio...
CVE-2026-10549
LDAP filter injection vulnerability in Yandex Database prior to 25.3.1.25 allows a remote attacker with valid LDAP credentials to bypass group membership checks resulting in unauthorized access to the database...
EUVD-2026-33900
LDAP filter injection vulnerability in Yandex Database prior to 25.3.1.25 allows a remote attacker with valid LDAP credentials to bypass group membership checks resulting in unauthorized access to the database...
CVE-2026-10549 Privilege escalation in Yandex Database
LDAP filter injection vulnerability in Yandex Database prior to 25.3.1.25 allows a remote attacker with valid LDAP credentials to bypass group membership checks resulting in unauthorized access to the database...
CVE-2026-10549 Privilege escalation in Yandex Database
LDAP filter injection vulnerability in Yandex Database prior to 25.3.1.25 allows a remote attacker with valid LDAP credentials to bypass group membership checks resulting in unauthorized access to the database...
Yandex Database 安全漏洞
Yandex Database is a distributed SQL database management system developed by the Russian company Yandex. Versions of Yandex Database prior to 25.3.1.25 contained security vulnerabilities. These vulnerabilities were caused by LDAP filter injection issues, which could allow remote attackers to bypa...
PT-2026-45722
LDAP filter injection vulnerability in Yandex Database prior to 25.3.1.25 allows a remote attacker with valid LDAP credentials to bypass group membership checks resulting in unauthorized access to the database...
[SECURITY] Fedora 43 Update: rclone-1.74.0-2.fc43
"rsync for cloud storage" - Google Drive, S3, Dropbox, Backblaze B2, One Driv e, Swift, Hubic, Wasabi, Google Cloud Storage, Azure Blob, Azure Files, Yandex Files...
[SECURITY] Fedora 44 Update: rclone-1.74.0-2.fc44
"rsync for cloud storage" - Google Drive, S3, Dropbox, Backblaze B2, One Driv e, Swift, Hubic, Wasabi, Google Cloud Storage, Azure Blob, Azure Files, Yandex Files...
WordPress YML for Yandex Market plugin < 5.0.26 - Shop Manager+ RCE via Feed Generation vulnerability
Shop Manager+ RCE via Feed Generation vulnerability discovered by Alex Tselevich nos3curity in WordPress Plugin YML for Yandex Market versions 5.0.26...
EUVD-2025-209399
The YML for Yandex Market WordPress plugin before 5.0.26 is vulnerable to Remote Code Execution via the feed generation process...
CVE-2025-14545
The YML for Yandex Market WordPress plugin before 5.0.26 is vulnerable to Remote Code Execution via the feed generation process...