34 matches found
EUVD-2019-4195
Malware in sbrugna...
EUVD-2021-28867
Malicious code in bioql PyPI...
Dell PowerProtect Data Domain Security Vulnerability
Dell PowerProtect Data Domain (Dell PowerProtect DD) is a suite of hardware appliances for data protection, backup, storage, and deduplication from Dell USA. A security vulnerability exists in Dell PowerProtect Data Domain that stems from an authentication bypass that could lead to a protection...
CVE-2019-14752
SuiteCRM 7.10.x and 7.11.x before 7.10.20 and 7.11.8 has XSS...
Canonical Ubuntu Linux SEoL (7.10.x)
According to its version, Canonical Ubuntu Linux is 7.10.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. ...
BIT-SUITECRM-2020-8784
SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow SQL Injection issue 2 of 4...
BIT-SUITECRM-2020-8786
SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow SQL Injection issue 4 of 4...
BIT-SUITECRM-2020-8787
SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow for an invalid Bean ID to be submitted...
BIT-SUITECRM-2021-41869
SuiteCRM 7.10.x before 7.10.33 and 7.11.x before 7.11.22 is vulnerable to privilege escalation...
CVE-2021-41869
SuiteCRM 7.10.x before 7.10.33 and 7.11.x before 7.11.22 is vulnerable to privilege escalation...
CVE-2021-41869
SuiteCRM 7.10.x prior to 7.10.33 and 7.11.x prior to 7.11.22 are vulnerable to privilege escalation. The corroborating sources list the affected ranges and confirm the fix versions: 7.10.33 and 7.11.22. Root cause details are not provided in the documents, and there is no exploitation status repo...
Siren Federate Security Vulnerability
Siren Federate is an application from Siren Ireland. It extends the Elasticsearch API to add high performance and scalable joins. A security vulnerability exists in Siren Federate that discloses user information across thread contexts when a low-privileged user and a high-privileged user execute...
CVE-2019-18785
Summary: CVE-2019-18785 affects SuiteCRM 7.10.x before 7.10.21 and 7.11.x before 7.11.9, due to mishandling of API access tokens and credentials. The available connected documents confirm the affected versions and the behavior but do not provide concrete technical details on root cause beyond tok...
CVE-2019-18782
SuiteCRM 7.10.x prior to 7.10.21 and 7.11.x prior to 7.11.9 does not correctly implement the .htaccess protection mechanism...
SalesAgility SuiteCRM Input Validation Error Vulnerability
SalesAgility SuiteCRM is an enterprise-grade open source customer relationship management (CRM) suite. An input validation error vulnerability exists in SalesAgility SuiteCRM versions 7.10.x prior to 7.10.23 and 7.11.x prior to 7.11.11. An attacker could exploit the vulnerability to bypass securi...
CVE-2020-8787
SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow for an invalid Bean ID to be submitted...
CVE-2020-8787
SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow for an invalid Bean ID to be submitted...
CVE-2020-8783
SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow SQL Injection issue 1 of 4...
SQL injection
SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow SQL Injection issue 2 of 4...
CVE-2019-14454
SuiteCRM 7.11.x and 7.10.x before 7.11.8 and 7.10.20 is vulnerable to vertical privilege escalation...