EUVD-2019-0723

Malware in sbrugna...

EUVD-2008-3631

Malware in sbrugna...

EUVD-2021-27564

Malicious code in bioql PyPI...

Mattermost allows unauthorized channel member management through playbook runs

Mattermost versions 10.5.x = 10.5.5, 9.11.x = 9.11.15, 10.8.x = 10.8.0, 10.7.x = 10.7.2, 10.6.x = 10.6.5 fail to properly enforce channel member management permissions in playbook runs, allowing authenticated users without the 'Manage Channel Members' permission to add or remove users from public...

CVE-2019-13236

In system/workplace/ in Alkacon OpenCms 10.5.4 and 10.5.5, there are multiple Reflected and Stored XSS issues in the management interface...

CVE-2019-13237

In Alkacon OpenCms 10.5.4 and 10.5.5, there are multiple resources vulnerable to Local File Inclusion that allow an attacker to access server resources: clearhistory.jsp, convertxml.jsp, groupnew.jsp, loginmessage.jsp, xmlcontentrepair.jsp, and /system/workplace/admin/history/settings/index.jsp...

CVE-2025-22473

Dell SmartFabric OS10 Software, versions 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contains an Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code...

CVE-2025-22472

Dell SmartFabric OS10 Software, versions 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contains an Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to...

CVE-2024-49558

Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contains an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

CVE-2024-48837

Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contains an Execution with Unnecessary Privileges vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution...

CVE-2024-49560

Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contains a command injection vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution...

CVE-2024-25949

Dell OS10 Networking Switches, versions10.5.6.x, 10.5.5.x, 10.5.4.x and 10.5.3.x ,contain an improper authorization vulnerability. A remote authenticated attacker could potentially exploit this vulnerability leading to escalation of privileges...

CVE-2024-22910

Cross Site Scripting XSS vulnerability in CrushFTP v.10.6.0 and v.10.5.5 allows an attacker to execute arbitrary code via a crafted payload...

CrushFTP 安全漏洞

CrushFTP is a file transfer server. A security vulnerability exists in CrushFTP version v.10.6.0 and v.10.5.5, which stems from the presence of a cross-site scripting XSS vulnerability that allows attackers to execute arbitrary code via a crafted payload...

[R2] Nessus Version 10.5.5 Fixes Multiple Vulnerabilities

R2 Nessus Version 10.5.5 Fixes Multiple Vulnerabilities Arnie Cabral Thu, 09/21/2023 - 10:55 A pass-back vulnerability exists where an authenticated, remote attacker with administrator privileges could uncover stored SMTP credentials within the Nessus application. - CVE-2023-3251 An arbitrary fil...

Tenable Nessus Multiple Vulnerabilities (TNS-2023-29, TNS-2023-31)

Tenable Nessus is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tenable:nessus"; ifdescripti...

CVE-2023-29095

Auth. admin+ SQL Injection SQLi vulnerability in David F. Carr RSVPMaker plugin 10.5.5 versions...

WordPress RSVPMarker Plugin < 10.5.5 is vulnerable to SQL Injection

Software RSVPMarker Type Plugin Vulnerable versions 10.5.5 Fixed in 10.5.5 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-29095 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 4d11f7569f33 Credits Rafi Priatna Kasbiantoro Required privilege...

CVE-2021-40386

Kaseya Unitrends Client/Agent through 10.5,5 allows remote attackers to execute arbitrary code...

Kaseya Unitrends Client/Agent 安全漏洞

Kaseya Unitrends Client/Agent is a cloud-based enterprise backup and disaster recovery technology from Kaseya Corporation, USA. A security vulnerability exists in Kaseya Unitrends Client/Agent version 10.5.5 and prior versions. An attacker can exploit this vulnerability to execute arbitrary code...