19 matches found
CVE-2022-23704
A potential security vulnerability has been identified in Integrated Lights-Out 4 iLO 4. The vulnerability could allow remote Denial of Service. The vulnerability is resolved in Integrated Lights-Out 4 iLO 4 2.80 and later...
EUVD-2022-28643
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2017-14102
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MIMEDefang 2.80 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by...
PT-2025-32655 · Siemens · Sicam Q100 +1
Name of the Vulnerable Software and Affected Versions: POWER METER SICAM Q100 versions 2.60 through 2.61 POWER METER SICAM Q200 versions 2.70 through 2.79 Description: Affected devices store the password for the SMTP account as plain text. This could allow an authenticated local attacker to extra...
PT-2025-32656 · Siemens · Sicam Q100 +1
Name of the Vulnerable Software and Affected Versions: POWER METER SICAM Q100 versions 2.60 through 2.61 POWER METER SICAM Q200 versions 2.70 through 2.79 Description: Affected devices export the password for the SMTP account as plain text in the configuration file. This could allow an...
CVE-2024-38270
An insufficient entropy vulnerability caused by the improper use of a randomness function with low entropy for web authentication tokens generation exists in the Zyxel GS1900-10HP firmware version V2.80AAZI.0C0. This vulnerability could allow a LAN-based attacker a slight chance to gain a valid...
CVE-2022-23704
A potential security vulnerability has been identified in Integrated Lights-Out 4 iLO 4. The vulnerability could allow remote Denial of Service. The vulnerability is resolved in Integrated Lights-Out 4 iLO 4 2.80 and later...
Denial of service
A potential security vulnerability has been identified in Integrated Lights-Out 4 iLO 4. The vulnerability could allow remote Denial of Service. The vulnerability is resolved in Integrated Lights-Out 4 iLO 4 2.80 and later...
Sensormatic Electronics C-CURE 9000 (Update A)
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls Equipment: C-CURE 9000 Vulnerability: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the original...
PT-2019-18368 · Schneider Electric · Modicon M580
Name of the Vulnerable Software and Affected Versions: Modicon M580 versions prior to V2.80 Description: A vulnerability exists that could cause a possible denial of service when sending an appropriately timed HTTP request to the controller. This issue is related to an uncaught exception...
CVE-2019-6819
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a possible Denial of Service when specific Modbus frames are sent to the controller in the products: Modicon M340 - firmware versions prior to V3.01, Modicon M580 - firmware versions prior to...
CVE-2017-14102
MIMEDefang 2.80 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill `cat /pathname`" command, as...
Aktiv Player 2.80 Crash PoC
Exploit for windows platform in category dos / poc !/usr/bin/python Exploit Title: aktiv-player version 2.80 Exploit Author: IndonesiaGokilTeam Vendor Homepage: http://www.goforsharing.com/home-mainmenu-1/aktiv-player-mainmenu-131.html Tested on: Windows XP SP 3 sampah= "\x42" 200 file =...
Sql injection
SQL injection vulnerability in liga.php in H&H WebSoccer 2.80 allows remote attackers to execute arbitrary SQL commands via the id parameter...
H&H Solutions WebSoccer 2.80 - 'id' SQL Injection
source: https://www.securityfocus.com/bid/31963/info H&H Solutions WebSoccer is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access...
hhwebsoccer-sql.txt
H&H WebSoccer 2.80 liga.php SQL injection Vulnerability http://www.hh-solutions.de Bug founded by d3v1l avram marius Dat...
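apt-listchanges Insecure Path Library Import Local Shell Code Execution Vulnerability
apt-listchanges is a tool that compares new package versions against the currently installed ones. apt-listchanges uses an insecure path when importing some libraries; a local attacker can exploit this to execute arbitrary shell code with the privileges of the application process. No detailed vulnerability information is currently available. Debian Linux 3.1 sparc Debian Linux 3.1 s/390 Debian Linux 3.1 ppc Debian Linux 3.1 mipsel Debian Linux 3.1 mips Debian Linux 3.1 m68k Debian Linux 3.1 ia-64 Debian Linux 3.1 ia-32...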
CVE-2000-0908
BrowseGate 2.80 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via long Authorization or Referer MIME headers in the HTTP request...
CVE-2000-0908
BrowseGate 2.80 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via long Authorization or Referer MIME headers in the HTTP request...