EUVD-2026-31960

Snipe-IT is an IT asset/license management system. Prior to 8.4.1, users with component view access could be impacted by an unescaped notes column, resulting in cross-site scripting XSS. This vulnerability is fixed in 8.4.1...

CVE-2023-43183

Incorrect access control in Reprise License Management Software Reprise License Manager v15.1 allows read-only users to arbitrarily change the password of an admin and hijack their account...

CVE-2025-61037

A local privilege escalation vulnerability exists in SevenCs ORCA G2 2.0.1.35 EC2007 Kernel v5.22. The flaw is a Time-of-Check Time-of-Use TOCTOU race condition in the license management logic. The regService process, which runs with SYSTEM privileges, creates a fixed directory and writes files...

EUVD-2025-206033

A local privilege escalation vulnerability exists in SevenCs ORCA G2 2.0.1.35 EC2007 Kernel v5.22. The flaw is a Time-of-Check Time-of-Use TOCTOU race condition in the license management logic. The regService process, which runs with SYSTEM privileges, creates a fixed directory and writes files...

CVE-2025-61037

A local privilege escalation vulnerability exists in SevenCs ORCA G2 2.0.1.35 EC2007 Kernel v5.22. The flaw is a Time-of-Check Time-of-Use TOCTOU race condition in the license management logic. The regService process, which runs with SYSTEM privileges, creates a fixed directory and writes files...

SevenCs ORCA G2 安全漏洞

SevenCs ORCA G2 is an electronic charting system from SevenCs Germany. A security vulnerability exists in SevenCs ORCA G2 version 2.0.1.35, which stems from a competing condition in the license management logic that could lead to elevated privileges...

CVE-2025-61037

SevenCs ORCA G2 2.0.1.35 (EC2007 Kernel v5.22) is affected by a local TOCTOU race in the license management logic. The regService process (SYSTEM) creates a fixed directory and writes files without verifying NTFS reparse points; an attacker can race to replace the directory with a junction to a u...

CVE-2025-61037

A local privilege escalation vulnerability exists in SevenCs ORCA G2 2.0.1.35 EC2007 Kernel v5.22. The flaw is a Time-of-Check Time-of-Use TOCTOU race condition in the license management logic. The regService process, which runs with SYSTEM privileges, creates a fixed directory and writes files...

CVE-2025-61037

A local privilege escalation vulnerability exists in SevenCs ORCA G2 2.0.1.35 EC2007 Kernel v5.22. The flaw is a Time-of-Check Time-of-Use TOCTOU race condition in the license management logic. The regService process, which runs with SYSTEM privileges, creates a fixed directory and writes files...

EUVD-2018-1461

Malware in sbrugna...

EUVD-2020-2521

Malware in sbrugna...

EUVD-2017-15728

Malware in sbrugna...

EUVD-2005-0152

Malware in sbrugna...

EUVD-2009-2447

Malware in sbrugna...

EUVD-2021-9475

Malicious code in bioql PyPI...

EUVD-2023-54030

Malicious code in bioql PyPI...

EUVD-2023-53906

Malicious code in bioql PyPI...

EUVD-2025-29048

Malicious code in bioql PyPI...

HPE AutoPass License Server 安全漏洞

HPE AutoPass License Server is a license management system from HPE America. A security vulnerability exists in HPE AutoPass License Server versions prior to 9.17 that stems from an information disclosure...

CVE-2023-4013

The GDPR Cookie Compliance CCPA, DSGVO, Cookie Consent WordPress plugin before 4.12.5 does not have proper CSRF checks when managing its license, which could allow attackers to make logged in admins update and deactivate the plugin's license via CSRF attacks...