14 matches found
CVE-2026-28434
The CVE affects cpp-httplib (C++11 single-file header-only library). Before 0.35.0, if a request handler throws an exception and no custom exception handler is registered via set_exception_handler(), the library writes the exception message into the HTTP response header EXCEPTION_WHAT and sends i...
EUVD-2022-49971
Malicious code in bioql PyPI...
EUVD-2022-49969
Malicious code in bioql PyPI...
EUVD-2022-49972
Malicious code in bioql PyPI...
TeleMessage TM SGNL Initialization of a Resource with an Insecure Default Vulnerability
TeleMessage TM SGNL contains an initialization of a resource with an insecure default vulnerability. This vulnerability relies on how the Spring Boot Actuator is configured with an exposed heap dump endpoint at a /heapdump URI...
CVE-2024-31070
Initialization of a resource with an insecure default vulnerability in FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allows a remote unauthenticated attacker to access telnet service unlimitedly...
CVE-2025-29985
Dell Common Event Enabler, versions CEE 9.0.0.0, contains an Initialization of a Resource with an Insecure Default vulnerability in the Common Anti-Virus Agent CAVA. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access...
CVE-2025-29985
Dell Common Event Enabler, versions CEE 9.0.0.0, contains an Initialization of a Resource with an Insecure Default vulnerability in the Common Anti-Virus Agent CAVA. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access...
CVE-2025-29985
Dell Common Event Enabler (CEE) 9.0.0.0 contains an Initialization of a Resource with an Insecure Default vulnerability in the Common Anti-Virus Agent (CAVA). An unauthenticated, remote attacker could potentially exploit by abusing insecure default resource initialization to gain unauthorized acc...
BIT-GHOST-2022-47194
An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger this...
Default configuration
Initialization of a resource with an insecure default vulnerability in OET-213H-BTS1 sold in Japan by Atsumi Electric Co., Ltd. allows a network-adjacent unauthenticated attacker to configure and control the affected product...
CVE-2022-47197
An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger this...
CVE-2017-15269
The PSFTPd 10.0.4 Build 729 server does not prevent FTP bounce scans by default. These can be performed using "nmap -b" and allow performing scans via the FTP server...
Have to say by the campus network see Network Security status-vulnerability warning-the black bar safety net
Preface originally really do not want to write this article, but really can not let people endure. Did not expect the school campus network security situation is actually so bad, one of the most impressive Willy-nilly. Or administrator of quality and safety awareness. Status of the recall a year...