EUVD-2026-29980

A vulnerability exists in the undisclosed pages in the Configuration utility that may allow a low-privileged authenticated attacker to access to undisclosed sensitive information. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2026-40699

A vulnerability exists in the undisclosed pages in the Configuration utility that may allow a low-privileged authenticated attacker to access to undisclosed sensitive information. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

F5 BIG-IP 安全漏洞

F5 BIG-IP is an application delivery platform developed by F5 Technologies in the United States. It integrates functions such as network traffic management, application security management, and load balancing. There is a security vulnerability in F5 BIG-IP, which stems from unpublicized pages...

PT-2026-29735

Name of the Vulnerable Software and Affected Versions Customer Managed ShareFile Storage Zones Controller affected versions not specified Description An issue in the Customer Managed ShareFile Storage Zones Controller exists due to improper access control. This allows an unauthenticated remote...

CVE-2021-47741

ZBL EPON ONU Broadband Router V100R001 contains a privilege escalation vulnerability that allows limited administrative users to elevate access by sending requests to configuration endpoints. Attackers can exploit the vulnerability by accessing the configuration backup or password page to disclos...

PT-2025-54422

ZBL EPON ONU Broadband Router V100R001 contains a privilege escalation vulnerability that allows limited administrative users to elevate access by sending requests to configuration endpoints. Attackers can exploit the vulnerability by accessing the configuration backup or password page to disclos...

Nautobot Single Source of Truth 访问控制错误漏洞

Nautobot Single Source of Truth is an open source data integration and synchronization plugin for Nautobot. An access control error vulnerability exists in Nautobot Single Source of Truth versions prior to 3.10.0, which originates from an unauthenticated attacker having access to configuration...

EUVD-2019-8743

Malware in sbrugna...

EUVD-2007-2028

Malware in sbrugna...

EUVD-2024-27584

Malicious code in bioql PyPI...

BAB TECHNOLOGIE EIBPORT V3 授权问题漏洞

BAB TECHNOLOGIE EIBPORT V3 is an advanced device for KNX system visualization and automation from BAB TECHNOLOGIE, Germany, that allows users to access and manage various functions in a smart building via mobile devices. An authorization issue vulnerability exists in BAB TECHNOLOGIE EIBPORT V3...

CVE-2013-7367

SAP Enterprise Portal does not properly restrict access to the Federation configuration pages, which allows remote attackers to gain privileges via unspecified vectors...

CVE-2024-57804

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix corrupt config pages PHY state is switched in sysfs The driver, through the SAS transport, exposes a sysfs interface to enable/disable PHYs in a controller/expander setup. When multiple PHYs are disabled and...

CVE-2020-3525

A vulnerability in the Admin portal of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to recover service account passwords that are saved on an affected system. The vulnerability is due to the incorrect inclusion of saved passwords when loading configuration page...

CVE-2020-3525 Cisco Identity Services Engine Password Disclosure to an Unauthorized Actor Vulnerability

A vulnerability in the Admin portal of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to recover service account passwords that are saved on an affected system. The vulnerability is due to the incorrect inclusion of saved passwords when loading configuration page...

CVE-2020-3525 Cisco Identity Services Engine Password Disclosure to an Unauthorized Actor Vulnerability

A vulnerability in the Admin portal of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to recover service account passwords that are saved on an affected system. The vulnerability is due to the incorrect inclusion of saved passwords when loading configuration page...

CVE-2024-2635

The configuration pages available are not intended to be placed on an Internet facing web server, as they expose file paths to the client, who can be an attacker. Instead of rewriting these pages to avoid this vulnerability, they will be dismissed from future releases of Cegid Meta4 HR, as they d...

CVE-2024-2635 Multiple vulnerabilities on Meta4 HR from Cegid

The configuration pages available are not intended to be placed on an Internet facing web server, as they expose file paths to the client, who can be an attacker. Instead of rewriting these pages to avoid this vulnerability, they will be dismissed from future releases of Cegid Meta4 HR, as they d...

CVE-2024-2635 Multiple vulnerabilities on Meta4 HR from Cegid

The configuration pages available are not intended to be placed on an Internet facing web server, as they expose file paths to the client, who can be an attacker. Instead of rewriting these pages to avoid this vulnerability, they will be dismissed from future releases of Cegid Meta4 HR, as they d...

WordPress Plugin Controlled Admin Access 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...