EUVD-2026-25391

Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service SaaS. Redirect parameter on login page is vulnerable to reflected XSS. The patch in commit 16d1b6ca2559f858a1de77bcb03fd7f1b81671c6 fixes the issue by restricting...

FNT Command 安全漏洞

FNT Command is a data center infrastructure management platform from FNT Germany. A security vulnerability exists in FNT Command version 13.4.0 that stems from the presence of a directory traversal vulnerability...

[SECURITY] Fedora 42 Update: opentofu-1.10.7-1.fc42

OpenTofu lets you declaratively manage your cloud infrastructure...

EUVD-2018-5755

Malware in sbrugna...

EUVD-2016-6738

Malware in sbrugna...

EUVD-2016-9981

Malware in sbrugna...

EUVD-2020-28924

Malware in sbrugna...

EUVD-2018-5756

Malware in sbrugna...

EUVD-2018-5757

Malware in sbrugna...

EUVD-2025-20510

Malicious code in bioql PyPI...

CVE-2025-10847 DX UIM Probe Improper ACL Handling RCE

DX Unified Infrastructure Management Nimsoft/UIM and below contains an improper ACL handling vulnerability in the robot controller component. A remote attacker can execute commands, read from, or write to the target system...

CVE-2025-10847

CVE-2025-10847 concerns Broadcom’s DX Unified Infrastructure Management (Nimsoft/UIM) robot/controller ACL handling. Connected sources indicate an improper ACL handling flaw that allows a remote attacker to execute commands and read from or write to the target system via the robot component. The ...

CVE-2020-8012

CA Unified Infrastructure Management Nimsoft/UIM 20.1, 20.3.x, and 9.20 and below contains a buffer overflow vulnerability in the robot controller component. A remote attacker can execute arbitrary code...

CVE-2020-8010

CA Unified Infrastructure Management Nimsoft/UIM 20.1, 20.3.x, and 9.20 and below contains an improper ACL handling vulnerability in the robot controller component. A remote attacker can execute commands, read from, or write to the target system...

CVE-2020-8011

CA Unified Infrastructure Management Nimsoft/UIM 20.1, 20.3.x, and 9.20 and below contains a null pointer dereference vulnerability in the robot controller component. A remote attacker can crash the Controller service...

CVE-2020-28421

CA Unified Infrastructure Management 20.1 and earlier contains a vulnerability in the robot controller component that allows local attackers to elevate privileges...

The vulnerability of the Aviatrix Controller software, a cloud infrastructure management tool, arises from the lack of measures to neutralize specific elements, allowing a perpetrator to execute arbitrary code.

The vulnerability of the Aviatrix Controller software for managing cloud infrastructure is related to the failure to take measures to neutralize specific elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

编号撤回

Red Hat Satellite 6 is an application system from Red Hat, Inc. provides an infrastructure management product specifically designed to keep Red Hat EnterpriseLinux® environments and other Red Hat infrastructures running efficiently, securely, and in compliance with various standards. This CVE...

ROS-20241203-22

The vulnerability in the Puppet Agent launcher app is due to the fact that the app silently ignores the settings of the Augeas before the first synchronization of the plugin. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in...

CVE-2024-50356

CVE-2024-50356 affects Press, a Frappe custom app (used with Frappe Cloud) that manages infrastructure, subscriptions and SaaS. The issue allows password resets by anyone with access to a user’s email inbox, circumventing 2FA, though logging in remains blocked for users who have 2FA enabled. A pa...