CVE-2023-45598

A CWE-425 “Direct Request 'Forced Browsing'” vulnerability in the “measure” functionality of the web application allows a remote unauthenticated attacker to access confidential measure information. This issue affects: AiLux imx6 bundle below version imx61.0.7-2...

Malicious code in elf-stats-snuggly-workbench-425 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ffcc55f9b11b19f501602a44022d110a6a3fe3bc393dba9d0f06fce60fc189d6 The package elf-stats-snuggly-workbench-425 was found to contain malicious code...

EUVD-2019-11889

Malware in sbrugna...

EUVD-2018-5844

Malware in sbrugna...

EUVD-2019-11935

Malware in sbrugna...

EUVD-2017-9292

Malware in sbrugna...

EUVD-2017-9308

Malware in sbrugna...

EUVD-2017-7263

Malware in sbrugna...

EUVD-2023-49890

Malicious code in bioql PyPI...

EUVD-2023-49888

Malicious code in bioql PyPI...

Jenkins plugin HTML Publisher 安全漏洞

Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. A security...

CVE-2023-45596

A CWE-425 “Direct Request 'Forced Browsing'” vulnerability in the “fileconfiguration” functionality of the web application allows a remote unauthenticated attacker to access confidential configuration files. This issue affects: AiLux imx6 bundle below version imx61.0.7-2...

CVE-2024-0204: Critical Authentication Bypass in Fortra GoAnywhere MFT

On January 22, 2024, Fortra published a security advisory on CVE-2024-0204, a critical authentication bypass affecting its GoAnywhere MFT secure managed file transfer product prior to version 7.4.1. The vulnerability is remotely exploitable and allows an unauthorized user to create an admin user...

Amazon Linux 2023 : binutils, binutils-devel, binutils-gprofng (ALAS2023-2023-425)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-425 advisory. A potential illegal memory access in binutils has been found when parsing a corrupt file. CVE-2023-1579 Tenable has extracted the preceding description block directly from the tested product security...

CVE-2020-7541

A CWE-425: Direct Request 'Forced Browsing' vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules see security notification for affected versions, that could cause disclosure of sensitive data when sending a...

Spoofing

A CWE-425: Direct Request 'Forced Browsing' vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules see security notification for affected versions, that could cause disclosure of sensitive data when sending a...

CVE-2020-7541

The CVE-2020-7541 issue affects Schneider Electric Modicon devices: Modicon M340 Web Server, Legacy Modicon Quantum and Modicon Premium, and related Communication Modules. It is a CWE-425 Direct Request (Forced Browsing) flaw that could disclose sensitive data when a specially crafted HTTP reques...

CVE-2020-7541

A CWE-425: Direct Request 'Forced Browsing' vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules see security notification for affected versions, that could cause disclosure of sensitive data when sending a...

CVE-2019-2246

Thread start can cause invalid memory writes to arbitrary memory location since the argument is passed by user to kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9205, MDM9640, MSM8996AU, QCA6574,...

CVE-2019-2332

Memory corruption while accessing the memory as payload size is not validated before access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607,...