51 matches found
vulnerabilities present in Microsoft Office
Microsoft has identified vulnerabilities in various Office products. A malicious individual can exploit these vulnerabilities to impersonate another user or execute arbitrary code with the victim’s privileges, potentially accessing sensitive data within the context of the victim’s account. For...
CVE-2026-4914
Stored XSS in Ivanti N-ITSM before version 2025.4 allows a remote authenticated attacker to obtain limited information from other user sessions. User interaction is required...
CVE-2025-41339
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'idsociedad' in '/backend/api/buscarTipoDenuncia.php'...
EUVD-2009-2679
Malware in sbrugna...
EUVD-2024-18790
Malicious code in bioql PyPI...
EUVD-2023-45273
Malicious code in bioql PyPI...
CVE-2025-36262
IBM Planning Analytics Local 2.0.0 through 2.0.106 and 2.1.0 through 2.1.13 could allow a malicious privileged user to bypass the UI to gain unauthorized access to sensitive information due to the improper validation of input...
Apple macOS Tahoe Permission Issue Vulnerability (CNVD-2025-22393)
Apple macOS Tahoe is the 26th major release of Apple's macOS operating system, which was released on June 10, 2025, and features a new "Liquid Glass" visual design that significantly optimizes interface aesthetics, feature integration, and cross-device collaboration. The 26th major version of the...
CVE-2025-43325
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access sensitive user data...
Microsoft SQL Server 安全漏洞
Microsoft SQL Server is the United States Microsoft Microsoft company's set of applications in the Microsoft Windows system under the large commercial database system. A security vulnerability exists in Microsoft SQL Server. An attacker can exploit the vulnerability to gain access to sensitive...
CVE-2009-2686
Unspecified vulnerability in HP NonStop G06.12.00 through G06.32.00, H06.08.00 through H06.18.01, and J06.04.00 through J06.07.01 allows local users to gain privileges, cause a denial of service, or obtain "access to data" via unknown vectors...
Apple macOS 安全漏洞
Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS that stems from an access issue that could result in access to sensitive user data...
Vulnerabilities fixed in Microsoft Azure
Microsoft has fixed vulnerabilities in Azure products. A malicious person with prior authentication could exploit the vulnerabilities to gain access to sensitive data in the victim's context. Successful misuse requires the victim to log in, where the malicious person manages to win a race...
Vulnerabilities fixed in Siemens Products
Siemens has fixed vulnerabilities in various products such as Mendix, RUGGEDOM, SIMATIC, SINEMA, SIPROTEC and the Engineering Platforms for various systems. The vulnerabilities potentially enable a malicious person to carry out attacks that can lead to the following categories of damage: -...
CSS Exfil Protection 安全漏洞
CSS Exfil Protection is a browser plugin from the individual developer Mike Gualtieri. A security vulnerability exists in CSS Exfil Protection version v.1.1.0, which stems from a lack of support for CSS style rules and could allow a remote attacker to obtain sensitive information...
Vulnerabilities fixed in Oracle Enterprise Manager
Oracle has fixed vulnerabilities in Enterprise Manager components. A malicious party could exploit the vulnerabilities to perform attacks that could result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Data manipulation. Remote code execution...
CVE-2023-6975
A malicious user could use this issue to get command execution on the vulnerable machine and get access to data & models information...
Vulnerabilities fixed in Microsoft Dynamics
Microsoft has fixed vulnerabilities in Dynamics. A malicious party could exploit the vulnerabilities to launch a cross-site scripting attack, to gain access to sensitive data or to perform a denial-of-service. Microsoft Common Data Model SDK:...
Vulnerabilities fixed in Microsoft Azure
Microsoft has fixed vulnerabilities in several Azure components. A malicious party could exploit the vulnerabilities to impersonate another user, potentially gaining access gain access to sensitive data in the victim's context, or execute code with the victim's privileges. Successful exploitation...
Vulnerabilities fixed in Brocade FabricOS
Vulnerabilities have been fixed in Brocade FabricOS. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can result in the following categories of damage: Cross-Site Scripting XSS. Denial-of-Service DoS. Data manipulation. Remote code execution...