EulerOS Virtualization 2.10.1 : sqlite (EulerOS-SA-2026-1006)

According to the versions of the sqlite package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3dbconfig in the C-language API can cause a denial of service...

Phoenix Contact FL SWITCH 跨站脚本漏洞

The PHOENIX CONTACT FL SWITCH is an industrial grade Ethernet switch from PHOENIX CONTACT, Germany. A cross-site scripting vulnerability exists in Phoenix Contact FL SWITCH versions prior to 3.50, which originates from a cross-site scripting attack that could result in modification of device...

PHOENIX CONTACT FL SWITCH 安全漏洞

PHOENIX CONTACT FL SWITCH is an industrial grade Ethernet switch from PHOENIX CONTACT, Germany. A security vulnerability exists in PHOENIX CONTACT FL SWITCH versions prior to 3.50, which stems from the SSH feature that allows the execution of commands that may result in degraded performance of...

PHOENIX CONTACT FL SWITCH 跨站脚本漏洞

PHOENIX CONTACT FL SWITCH is an industrial grade Ethernet switch from PHOENIX CONTACT, Germany. A cross-site scripting vulnerability exists in PHOENIX CONTACT FL SWITCH versions prior to 3.50, which can be exploited by an unauthenticated, remote attacker to trick an authenticated user into clicki...

SQLite <= 3.50 DoS Vulnerability

SQLite is prone to a denial of service DoS vulnerability. Note: This VT has been deprecated as the attached CVE has been rejected as a duplicate of CVE-2025-29088. This older CVE is already covered in the VT SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from ...

EUVD-2005-4615

Malware in sbrugna...

EUVD-2004-1926

Malware in sbrugna...

Emerson OSE Credentials Management Errors (CVE-2013-0694)

The Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier have hardcoded credentials in a ROM, which makes it easier for remote attackers to obtain shell access to the underlying OS by...

CVE-2020-6974

Honeywell Notifier Web Server NWS Version 3.50 is vulnerable to a path traversal attack, which allows an attacker to bypass access to restricted directories. Honeywell has released a firmware update to address the problem...

CVE-2020-6974

Honeywell Notifier Web Server NWS Version 3.50 is vulnerable to a path traversal attack, which allows an attacker to bypass access to restricted directories. Honeywell has released a firmware update to address the problem...

Path traversal

Honeywell Notifier Web Server NWS Version 3.50 is vulnerable to a path traversal attack, which allows an attacker to bypass access to restricted directories. Honeywell has released a firmware update to address the problem...

CVE-2020-6974

Honeywell Notifier Web Server NWS Version 3.50 is vulnerable to a path traversal attack, which allows an attacker to bypass access to restricted directories. Honeywell has released a firmware update to address the problem...

Authentication flaw

In Notifier Web Server NWS Version 3.50 and earlier, the Honeywell Fire Web Server’s authentication may be bypassed by a capture-replay attack from a web browser...

CVE-2020-6972

CVE-2020-6972 affects Honeywell/NWS Notifier Web Server (NWS-3) versions 3.50 and earlier. The vulnerability is an authentication bypass by a capture-replay attack from a web browser, with CVSS v3.1 base score 9.1 (Network, Privileges None, User Interaction None; Confidentiality/Integrity High, A...

Security Bulletin: Potential SSL/TLS-related denial of service vulnerability in IBM Informix Client SDK (CVE-2013-6329)

Summary Informix Client SDK is impacted by a vulnerability in IBM's GSKIT library which can result in a denial of service caused by an error in SSL/TLS handshake processing related to session resumption when using SSLv2. A remote attacker could exploit this vulnerability to cause the system to...

VCDGear 3.50 (.cue) - Stack Buffer Overflow Exploit

No description provided by source. !/usr/bin/ruby ''' Author: Provensec www.provensec.com [email protected] Tested on XP SP3 / Windows 7 Description: VCDGEAR 3.50 is prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate boundary-checks on...

Jax Guestbook 3.50 Page Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17560/info Jax Guestbook is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browse...

HP AutoPass License Server File Upload Exploit

Exploit for java platform in category remote exploits This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'HP AutoPass License Server File Upload', 'Description' = %q This module exploit...

HP AutoPass License Server File Upload

This module exploits a code execution flaw in HP AutoPass License Server. It abuses two weaknesses in order to get its objective. First, the AutoPass application doesn't enforce authentication in the CommunicationServlet component. Second, it's possible to abuse a directory traversal when uploadi...

VCDGear 3.50 - &#039;.cue&#039; Local Stack Buffer Overflow

!/usr/bin/ruby ''' Author: Provensec www.provensec.com Tested on XP SP3 / Windows 7 Description: VCDGEAR 3.50 is prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate boundary-checks on user-supplied input. An attacker can exploit this issue to...