EUVD-2021-22011

Malware in sbrugna...

EUVD-2023-43919

Malicious code in bioql PyPI...

EUVD-2022-3015

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2017-15569

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/helpers/querieshelper.rb via a multi-value field with a crafted value tha...

PT-2024-11728 · Northern.Tech · Mender

Name of the Vulnerable Software and Affected Versions: Northern.tech Mender versions 3.3.x through 3.3.1 Northern.tech Mender versions 3.4.x through 3.4.0 Northern.tech Mender versions 3.5.x through 3.5.0 Northern.tech Mender versions 3.6.x through 3.6.0 Description: The issue is related to...

CVE-2023-3243

UNSUPPORTED WHEN ASSIGNED An attacker can capture an authenticating hash and utilize it to create new sessions. The hash is also a poorly salted MD5 hash, which could result in a successful brute force password attack. Impacted product is BCM-WEB version 3.3.X. Recommended fix: Upgrade to a...

CVE-2023-3243

UNSUPPORTED WHEN ASSIGNED An attacker can capture an authenticating hash and utilize it to create new sessions. The hash is also a poorly salted MD5 hash, which could result in a successful brute force password attack. Impacted product is BCM-WEB version 3.3.X. Recommended fix: Upgrade to a...

PT-2023-23789 · Alerton · Alerton Acm

Name of the Vulnerable Software and Affected Versions: BCM-WEB version 3.3.X Description: An attacker can capture an authenticating hash and utilize it to create new sessions. The hash is also a poorly salted MD5 hash, which could result in a successful brute force password attack. Recommendation...

GHSA-G4RG-RW65-8HFG Symfony Session Fixation Vulnerability

An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. A session fixation vulnerability within the "Guard" login feature may allow an attacker to impersonate a victim towards the web...

GHSA-R2RQ-3H56-FQM4 Symfony DoS

An issue was discovered in the HttpFoundation component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. The PDOSessionHandler class allows storing sessions on a PDO connection. Under some configurations and with a well-crafte...

Symfony DoS

An issue was discovered in the HttpFoundation component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. The PDOSessionHandler class allows storing sessions on a PDO connection. Under some configurations and with a well-crafte...

GHSA-G4G7-Q726-V5HG Symfony CSRF Token Fixation

An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. By default, a user's session is invalidated when the user is logged out. This behavior can be disabled through the...

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices Cameralyzer, which stems from incorrect access control. The following versions are affected:...

DEBIAN-CVE-2019-18890

A SQL injection vulnerability in Redmine through 3.2.9 and 3.3.x before 3.3.10 allows Redmine users to access protected information via a crafted object query...

CVE-2019-9653

NUUO Network Video Recorder Firmware 1.7.x through 3.3.x allows unauthenticated attackers to execute arbitrary commands via shell metacharacters to handleloadconfig.php...

CVE-2016-10742

Zabbix before 2.2.21rc1, 3.x before 3.0.13rc1, 3.1.x and 3.2.x before 3.2.10rc1, and 3.3.x and 3.4.x before 3.4.4rc1 allows open redirect via the request parameter...

CVE-2018-16886

etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control RBAC is used and client-cert-auth is enabled. If an etcd client server TLS certificate contains a Common Name CN which matches a valid RBAC username, a remot...

CVE-2018-16886

etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control RBAC is used and client-cert-auth is enabled. If an etcd client server TLS certificate contains a Common Name CN which matches a valid RBAC username, a remot...

Joomla! 3.3.x < 3.8.2 Multiple Vulnerabilities

According to its self-reported version number, the detected Joomla! application is affected by an authentication bypass and multiple information disclosure vulnerabilities. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version...

Moodle CMS <= 3.1.12, 3.2.x, 3.3.x <= 3.3.6, 3.4.x <= 3.4.3, 3.5.0 Multiple Vulnerabilities - Windows

Moodle CMS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:moodle:moodle"; ifdescription...