PT-2026-43560

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getAccountByID function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

MB Connect Line mbCONNECT24和MB Connect Line mymbCONNECT24 SQL注入漏洞

MB Connect Line mbCONNECT24 and MB Connect Line mymb CONNECT24 are products of the German company MB Connect Line. MB Connect Line mbCONNECT24 is a remote service portal. This product supports features such as remote access, data recording, and alerts. MB Connect Line mymbCONNECT24 is an internal...

EUVD-2025-1684

Malicious code in bioql PyPI...

EUVD-2021-3323

Malicious code in bioql PyPI...

CVE-2025-26318

hb.exe in TSplus Remote Access before 17.30 2024-10-30 allows remote attackers to retrieve a list of all domain accounts currently connected to the application...

CVE-2023-0738

CVE-2023-0738 relates to OrangeScrum 2.0.11, where an external attacker can obtain arbitrary user accounts. The root cause described across sources is that the application returns malicious user input in responses with content-type text/html, enabling account disclosure via a reflected/input-outp...

Google Android Information Disclosure Vulnerability (CNVD-2021-101697)

Google Android is a Linux-based open-source operating system from the U.S. company Google Google. information disclosure vulnerabilities exist in Google Android 9, 10 and 11. The vulnerability arises from the retrieval of accounts in devices with permissions due to permission bypass in the...

CVE-2021-0704

In createNoCredentialsPermissionNotification and related functions of AccountManagerService.java, there is a possible way to retrieve accounts from the device without permissions due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges...