1042 matches found
Cockpit Web Console < 360 - Remote Code Execution
Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit web service can craft a single HTTP request to the login endpoint that injects malicious SSH...
Malicious code in @tse-digital/core (npm)
Dependency confusion attack campaign targeting Scandinavian telecommunications and digital services organizations Telenor, Ownit, Vimla, and Customer 360 / C360. Four packages published by the debating0166 npm account use inflated version numbers 99.0.x to win npm registry resolution over private...
MAL-2026-5157 Malicious code in @tse-digital/core (npm)
Dependency confusion attack campaign targeting Scandinavian telecommunications and digital services organizations Telenor, Ownit, Vimla, and Customer 360 / C360. Four packages published by the debating0166 npm account use inflated version numbers 99.0.x to win npm registry resolution over private...
Zoho ManageEngine - Remote Code Execution
Zoho ManageEngine Password Manager Pro, PAM 360, and Access Manager Plus are susceptible to unauthenticated remote code execution via XML-RPC. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary...
macOS Autodesk Fusion 360 <= 2606.0 Multiple Vulnerabilities (adsk-sa-2026-0005)
The version of Autodesk Fusion 360 installed on the remote macOS or Mac OS X host is less than or equal to 2606.0. It is, therefore, affected by multiple vulnerabilities: - A maliciously crafted HTML payload in a component name, when displayed during the delete confirmation dialog and clicked by ...
OPENSUSE-SU-2026:10531-1 cockpit-360-1.1 on GA media
These are all security issues fixed in the cockpit-360-1.1 package on the GA media of openSUSE Tumbleweed...
CVE-2018-19031
A command injection vulnerability exists when the authorized user passes crafted parameter to background process in the router. This affects 360 router series products 360 Safe Router P0,P1,P2,P3,P4, the affected version is V2.0.61.58897...
CVE-2021-33970
Buffer Overflow vulnerability in Qihoo 360 Chrome v13.0.2170.0 allows attacker to escalate priveleges...
CVE-2021-33972
Buffer Overflow vulnerability in Qihoo 360 Safe Browser v13.0.2170.0 allows attacker to escalate priveleges...
CVE-2021-33973
Buffer Overflow vulnerability in Qihoo 360 Safe guard v12.1.0.1004, v12.1.0.1005, v13.1.0.1001 allows attacker to escalate priveleges...
CVE-2021-33971
Qihoo 360 https://www.360.cn/ Qihoo 360 Safeguard https://www.360.cn/ Qihoo 360 Total Security http://www.360totalsecurity.com/ is affected by: Buffer Overflow. The impact is: execute arbitrary code local. The component is: This is a set of vulnerabilities affecting popular software, "360...
CVE-2022-27967
Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of excluded files and profiles via a crafted GET request sent to /WebApp/SettingsExclusion/GetExclusionsProfiles...
CVE-2022-27873
An attacker can force the victim’s device to perform arbitrary HTTP requests in WAN through a malicious SVG file being parsed by Autodesk Fusion 360’s document parser. The vulnerability exists in the application’s ‘Insert SVG’ procedure. An attacker can also leverage this vulnerability to obtain...
CVE-2022-27968
Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of monitored files and profiles via a crafted GET request sent to /WebApp/SettingsFileMonitor/GetFileMonitorProfiles...
Malicious code in elf-stats-sleighing-hollyberry-360 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d8706584c9235e1e7e2c849192a75e5ac5c6dccbf8e00e4ec0affaea9b48f17f The package elf-stats-sleighing-hollyberry-360 was found to contain malicious code...
MAL-2025-192137 Malicious code in elf-stats-sleighing-hollyberry-360 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d8706584c9235e1e7e2c849192a75e5ac5c6dccbf8e00e4ec0affaea9b48f17f The package elf-stats-sleighing-hollyberry-360 was found to contain malicious code...
Microsoft Nuance PowerScribe 360 Information Disclosure Vulnerability
Microsoft Nuance PowerScribe 360 is a medical image reporting system for speech recognition, report generation and workflow management in radiology. An information disclosure vulnerability exists in Microsoft Nuance PowerScribe 360, which is due to improper authorization validation. An attacker...
CVE-2025-30398 Nuance PowerScribe 360 Information Disclosure Vulnerability
...
CVE-2025-30398 Nuance PowerScribe 360 Information Disclosure Vulnerability
...
CVE-2025-30398
CVE-2025-30398 — Nuance PowerScribe 360 Information Disclosure Vulnerability : Multiple sources (NVD, CNVD, EUVD, CIRCL, MSRC, CNNVD, PT-Security, Qualys blog) describe an information disclosure in Nuance PowerScribe 360 due to missing authorization validation. The vulnerability allows an unauthe...