21 matches found
EUVD-2018-2991
Malware in sbrugna...
EUVD-2025-10484
Malicious code in bioql PyPI...
EUVD-2022-42340
Malicious code in bioql PyPI...
CVE-2024-38865
Improper neutralization of livestatus command delimiters in a specific endpoint within RestAPI of Checkmk prior to 2.2.0p39, 2.3.0p25, and 2.1.0p51 EOL allows arbitrary livestatus command execution. Exploitation requires the attacker to have a contact group assigned to their user account and for ...
CVE-2024-38865
Improper neutralization of livestatus command delimiters in a specific endpoint within RestAPI of Checkmk prior to 2.2.0p39, 2.3.0p25, and 2.1.0p51 EOL allows arbitrary livestatus command execution. Exploitation requires the attacker to have a contact group assigned to their user account and for ...
UBUNTU-CVE-2024-38865
Improper neutralization of livestatus command delimiters in a specific endpoint within RestAPI of Checkmk prior to 2.2.0p39, 2.3.0p25, and 2.1.0p51 EOL allows arbitrary livestatus command execution. Exploitation requires the attacker to have a contact group assigned to their user account and for ...
CVE-2024-38865 Livestatus command injection in RestAPI
Improper neutralization of livestatus command delimiters in a specific endpoint within RestAPI of Checkmk prior to 2.2.0p39, 2.3.0p25, and 2.1.0p51 EOL allows arbitrary livestatus command execution. Exploitation requires the attacker to have a contact group assigned to their user account and for ...
CVE-2024-38865 Livestatus command injection in RestAPI
Improper neutralization of livestatus command delimiters in a specific endpoint within RestAPI of Checkmk prior to 2.2.0p39, 2.3.0p25, and 2.1.0p51 EOL allows arbitrary livestatus command execution. Exploitation requires the attacker to have a contact group assigned to their user account and for ...
CVE-2024-38865
CVE-2024-38865 affects Checkmk RestAPI: an improper neutralization of livestatus command delimiters in a specific endpoint allows arbitrary livestatus command execution. Affected versions are prior to 2.2.0p39, 2.3.0p25, and 2.1.0p51 (EOL). Exploitation requires the attacker to belong to a contac...
PT-2025-15924 · Checkmk · Checkmk
Name of the Vulnerable Software and Affected Versions: Checkmk versions prior to 2.2.0p39 Checkmk versions prior to 2.3.0p25 Checkmk versions prior to 2.1.0p51 Description: The issue is related to improper neutralization of livestatus command delimiters in a specific endpoint within the RestAPI o...
CVE-2022-39895
Improper access control vulnerability in ContactListUtils in Phone prior to SMR Dec-2022 Release 1 allows to access contact group information via implicit intent...
Improper access control
Improper access control vulnerability in ContactListUtils in Phone prior to SMR Dec-2022 Release 1 allows to access contact group information via implicit intent...
CVE-2022-39895
Improper access control vulnerability in ContactListUtils in Phone prior to SMR Dec-2022 Release 1 allows to access contact group information via implicit intent...
PT-2022-25088 · Unknown · Contactlistutils
Name of the Vulnerable Software and Affected Versions: Phone versions prior to SMR Dec-2022 Release 1 Description: The issue is related to an improper access control vulnerability in ContactListUtils. This vulnerability allows access to contact group information via implicit intent...
CVE-2022-39895
Improper access control vulnerability in ContactListUtils in Phone prior to SMR Dec-2022 Release 1 allows to access contact group information via implicit intent...
Zimbra Collaboration Suite Cross-Site Scripting Vulnerability (CNVD-2018-10867)
Zimbra Collaboration Suite ZCS is an open source collaboration suite from Zimbra, Inc. that includes WebMail, Calendar, Address Book, etc. Zimbra Web Client ZWC is one of the Web-based client applications. A cross-site scripting vulnerability exists in ZWC in versions 8.8 prior to Zimbra ZCS...
Cross site scripting
Zimbra Web Client ZWC in Zimbra Collaboration Suite 8.8 before 8.8.8.Patch4 and 8.7 before 8.7.11.Patch4 has Persistent XSS via a contact group...
CVE-2018-10939
Zimbra Web Client ZWC in Zimbra Collaboration Suite 8.8 before 8.8.8.Patch4 and 8.7 before 8.7.11.Patch4 has Persistent XSS via a contact group...
CVE-2018-10939
Zimbra Web Client ZWC in Zimbra Collaboration Suite 8.8 before 8.8.8.Patch4 and 8.7 before 8.7.11.Patch4 has Persistent XSS via a contact group...
CVE-2018-10939
Zimbra Collaboration Suite (ZCS) Web Client (ZWC) is affected by a persistent XSS issue in the ZWC component when used with ZCS versions 8.8.x before 8.8.8.Patch4 and 8.7.x before 8.7.11.Patch4. The vulnerability arises via a crafted contact group, enabling an attacker to inject arbitrary web scr...