54 matches found
CVE-2026-30783 RustDesk Client Can Orphan API Channel to Ignore All Admin Commands and ACL Policies
A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Client signaling, API sync loop, config management modules) allows Privilege Abuse. This vulnerability is associated with program files src/rendezvousmediator.Rs, src/hbbshttp/sync....
CVE-2020-36865
Nagios XI versions prior to 5.7.2 are vulnerable to cross-site scripting (XSS) via the BPI (Business Process Intelligence) component’s Config Management and Edit Config page. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the...
EUVD-2020-30806
Nagios XI versions prior to 5.7.2 are vulnerable to cross-site scripting (XSS) via the BPI (Business Process Intelligence) component’s Config Management and Edit Config page. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the...
CVE-2020-36865 Nagios XI < 5.7.2 XSS via BPI Config Management
Nagios XI versions prior to 5.7.2 are vulnerable to cross-site scripting (XSS) via the BPI (Business Process Intelligence) component’s Config Management and Edit Config page. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the...
CVE-2020-36865
Nagios XI
MAL-2025-49238 Malicious code in ssp-config-management-tool (npm)
Source: amazon-inspector db3d336f799326b6b1dfcbb9485d62b5d02423f9c6a7e7dbb4c29940c22e0ef5 The package ssp-config-management-tool was found to contain malicious code...
Malicious code in ssp-config-management-tool (npm)
Source: amazon-inspector db3d336f799326b6b1dfcbb9485d62b5d02423f9c6a7e7dbb4c29940c22e0ef5 The package ssp-config-management-tool was found to contain malicious code...
EUVD-2025-37055
Malicious code in ssp-config-management-tool (npm)...
Nagios XI security vulnerability
Nagios XI is a suite of IT infrastructure monitoring solutions from US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 5.7.2 that stems from the Config Management and...
PT-2025-44548
Name of the Vulnerable Software and Affected Versions: Nagios XI versions prior to 5.7.2. Description: Nagios XI versions prior to 5.7.2 are susceptible to cross-site scripting (XSS) through the Business Process Intelligence (BPI) component’s Config Management and Edit Config page. Insufficient validati...
EUVD-2020-22411
Malware in sbrugna...
Malicious code in config-management-cli (npm)
The package config-management-cli was found to contain malicious code...
MAL-2025-17476 Malicious code in config-management-cli (npm)
The package config-management-cli was found to contain malicious code...
CVE-2020-2611
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Enterprise Config Management). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HT...
CVE-2022-4975
A flaw was found in the Red Hat Advanced Cluster Security (RHACS) portal. When rendering a table view in the portal, for example, on any of the /main/configmanagement/ endpoints, the front-end generates a DOM table-element (id="pdf-table"). This information is then populated with unsanitized data usi...
PT-2025-1377 · Red Hat · Red Hat Advanced Cluster Security
Name of the Vulnerable Software and Affected Versions: Red Hat Advanced Cluster Security (RHACS) (affected versions not specified). Description: A flaw was found in the Red Hat Advanced Cluster Security (RHACS) portal. When rendering a table view in the portal, for example, on any of the...
CVE-2023-45822
Artifact Hub (the web-based NFT/CI group hub) is affected by CVE-2023-45822 due to a default unsafe rego built-in being allowed in authorization policies, enabling policies to perform HTTP requests and potentially expose internal resources. The root cause is that rego policies could issue network...