231 matches found
EUVD-2023-58769
Malicious code in bioql PyPI...
EUVD-2024-55005
Malicious code in bioql PyPI...
EUVD-2023-53258
Malicious code in bioql PyPI...
EUVD-2021-32450
Malicious code in bioql PyPI...
EUVD-2021-7627
Malicious code in bioql PyPI...
EUVD-2024-46231
Malicious code in bioql PyPI...
EUVD-2024-45056
Malicious code in bioql PyPI...
EUVD-2023-48672
Malicious code in bioql PyPI...
CVE-2025-55295
A path traversal vulnerability exists in qbitmanage's web API that allows authenticated users to read arbitrary files from the server filesystem through the restoreconfigfrombackup endpoint. The vulnerability allows attackers to bypass directory restrictions and read arbitrary files from the serv...
CVE-2024-52321
Multiple SHARP routers contain an improper authentication vulnerability in the configuration backup function. The product's backup files containing sensitive information may be retrieved by a remote unauthenticated attacker...
CVE-2023-44318
Affected devices use a hardcoded key to obfuscate the configuration backup that an administrator can export from the device. This could allow an authenticated attacker with administrative privileges or an attacker that obtains a configuration backup to extract configuration information from the...
CVE-2023-6538
SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in Storage, Server or combined Server+Storage administrative roles are able to access SMU configuration backup, that would normally be barred to those specific...
CVE-2021-45732
Netgear Nighthawk R6700 version 1.0.4.120 makes use of a hardcoded credential. It does not appear that normal users are intended to be able to manipulate configuration backups due to the fact that they are encrypted/obfuscated. By extracting the configuration using readily available public tools,...
CVE-2021-3473
An internal product security audit of Lenovo XClarity Controller XCC discovered that the XCC configuration backup/restore password may be written to an internal XCC log buffer if Lenovo XClarity Administrator LXCA is used to perform the backup/restore. The backup/restore password typically exists...
CVE-2019-6567
A vulnerability has been identified in SCALANCE X-200 switch family incl. SIPLUS NET variants All Versions V5.2.4, SCALANCE X-200IRT switch family incl. SIPLUS NET variants All versions V5.5.0, SCALANCE X-300 switch family incl. X408 and SIPLUS NET variants All versions V4.1.3, SCALANCE X-414-3E...
CVE-2019-10941
A vulnerability has been identified in SINEMA Server All versions V14 SP3. Missing authentication for functionality that requires administrative user identity could allow an attacker to obtain encoded system configuration backup files. This is only possible through network access to the affected...
CVE-2002-1892
NETGEAR FVS318 running firmware 1.1 stores the username and password in a readable format when a backup of the configuration file is made, which allows local users to obtain sensitive information...
CVE-2024-57273
Netgate pfSense CE prior to 2.8.0 beta release and corresponding Plus builds is vulnerable to Cross-site scripting XSS in the Automatic Configuration Backup ACB service, allowing remote attackers to execute arbitrary JavaScript, delete backups, or leak sensitive information via an unsanitized...
CVE-2024-57273
Netgate pfSense CE prior to 2.8.0 beta release and corresponding Plus builds is vulnerable to Cross-site scripting XSS in the Automatic Configuration Backup ACB service, allowing remote attackers to execute arbitrary JavaScript, delete backups, or leak sensitive information via an unsanitized...
CVE-2024-57273
Netgate pfSense CE prior to 2.8.0 beta release and corresponding Plus builds is vulnerable to Cross-site scripting XSS in the Automatic Configuration Backup ACB service, allowing remote attackers to execute arbitrary JavaScript, delete backups, or leak sensitive information via an unsanitized...