76 matches found
Cloud Foundry windows-utilities-release 安全漏洞
Cloud Foundry Windows-Utilities-Release is a collection of Windows platform maintenance tools provided by the Cloud Foundry company. There are security vulnerabilities in Cloud Foundry Foundation Windows-Utilities-Release; these vulnerabilities stem from the use of a predictable random number...
CVE-2018-25387
HaPe PKH 1.1 contains a cross-site request forgery vulnerability that allows attackers to change administrator passwords by submitting forged requests to the user update endpoint. Attackers can craft malicious forms targeting the aksiuser.php script with parameters like iduser, password, and leve...
CVE-2025-15554
Browser caching of LAPS passwords in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin passwords...
CVE-2025-15554
Browser caching of LAPS passwords in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin passwords...
PT-2026-25677
Browser caching of LAPS passwords in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin passwords...
Tinycontrol多款产品 安全漏洞
Tinycontrol tcPDU is a product of the Polish company Tinycontrol. Tinycontrol tcPDU is a network distribution unit. Tinycontrol LAN Controllers LK3.5 is a device for remote monitoring and control of environmental parameters. Tinycontrol LAN Controllers LK3.9 is also a device for remote monitoring...
Truesec LAPSWebUI 安全漏洞
Truesec LAPSWebUI is a web-based management interface provided by the Swedish company Truesec. Versions of Truesec LAPSWebUI prior to version 2.4 contained security vulnerabilities. These vulnerabilities stemmed from the browser caching of LAPS passwords, which could allow attackers to gain...
Brocade SANnav 安全漏洞
Brocade SANnav is a storage area network management software developed by the American company Brocade. Versions of Brocade SANnav prior to 2.4.0b contained security vulnerabilities. These vulnerabilities stemmed from the fact that logs supported by SANnav recorded administrator passwords for...
CVE-2019-25242
FaceSentry Access Control System 6.4.8 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft malicious web pages to change administrator passwords, add new admin users, or open access control doors by...
CVE-2025-63205
An issue was discovered in bridgetech probes VB220 IP Network Probe,VB120 Embedded IP + RF Probe, VB330 High-Capacity Probe, VB440 ST 2110 Production Analytics Probe, and NOMAD, firmware versions 6.5.0-9, allowing attackers to gain sensitive information such as administrator passwords via the...
CVE-2025-63205
An issue was discovered in bridgetech probes VB220 IP Network Probe,VB120 Embedded IP + RF Probe, VB330 High-Capacity Probe, VB440 ST 2110 Production Analytics Probe, and NOMAD, firmware versions 6.5.0-9, allowing attackers to gain sensitive information such as administrator passwords via the...
PT-2025-47492
Name of the Vulnerable Software and Affected Versions bridgetech probes VB220 IP Network Probe, VB120 Embedded IP + RF Probe, VB330 High-Capacity Probe, VB440 ST 2110 Production Analytics Probe, and NOMAD versions 6.5.0-9 Description An issue exists that allows attackers to gain sensitive...
PT-2025-47498
Name of the Vulnerable Software and Affected Versions bridgetech VB288 Objective QoE Content Extractor version 5.6.0-8 Description A flaw exists in bridgetech VB288 Objective QoE Content Extractor firmware version 5.6.0-8 that allows attackers to obtain sensitive information, including...
Lynx Twonky Server 安全漏洞
Lynx Twonky Server is a DLNA/UPnP media server from Lynx USA. A security vulnerability exists in Lynx Twonky Server version 8.5.2, which stems from the use of hard-coded encryption keys that could lead to the decryption of administrator passwords...
Authorization Bypass Through User-Controlled Key
Overview @strapi/core is a Core of Strapi Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the lookup operator in the document service due to improper sanitization of query operator for private fields . An attacker can retrieve sensitive...
CVE-2025-6038
The Lisfinity Core - Lisfinity Core plugin used for pebas® Lisfinity WordPress theme plugin for WordPress is vulnerable to privilege escalation via password update in all versions up to, and including, 1.4.0. This is due to the plugin not properly validating a user's identity prior to updating...
EUVD-2010-5054
Malware in sbrugna...
EUVD-2019-4008
Malware in sbrugna...
EUVD-2017-18074
Malware in sbrugna...
EUVD-2004-2313
Malware in sbrugna...