273 matches found

Nuclei
added yesterday, 41 views

PowerJob <=4.3.2 - Unauthenticated Access

PowerJob V4.3.1 is vulnerable to Insecure Permissions via the list job interface. id: CVE-2023-29923 info: name: PowerJob <=4.3.2 - Unauthenticated Access author: For3stCo1d severity: medium description: | PowerJob V4.3.1 is vulnerable to Insecure Permissions via the list job interface. impact: ...

CVSS 5.3, AI score 6.1, EPSS 0.09545
Exploits: 2, References: 5

Nuclei
added 2 days ago, 57 views

Adobe AEM Dispatcher <4.15 - Rules Bypass

Dispatcher before 4.1.5 in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 does not properly implement a URL filter, which allows remote attackers to bypass dispatcher rules via unspecified vectors. id: CVE-2016-0957 info: name: Adobe AEM Dispatcher <4.15 - Rules Bypass author: geeknik severity:...

CVSS 7.8, AI score 7.4, EPSS 0.5071
Exploits: 0, References: 5

Nuclei
added 4 days ago, 168 views

MobileIron Core - Remote Unauthenticated API Access

Ivanti Endpoint Manager Mobile EPMM, formerly MobileIron Core, Since CVE-2023-35082 arises from the same place as CVE-2023-35078, specifically the permissive nature of certain entries in the mifs web application’s security filter chain. id: CVE-2023-35082 info: name: MobileIron Core - Remote...

CVSS 10, AI score 8.7, EPSS 0.99999
Exploits: 2, References: 5

RedhatCVE
added 2026/05/28 8:12 a.m., 8 views

CVE-2026-44410

This vulnerability stems from a business logic flaw. Attackers can exploit legitimate application functions in unintended and abnormal ways, deviating from the designer's expectations, to carry out malicious attacks...

CVSS 3.8, AI score 5.8, EPSS 0.00131
Exploits: 0, References: 1

NVD
added 2026/05/26 10:16 a.m., 8 views

CVE-2026-44410

This vulnerability stems from a business logic flaw. Attackers can exploit legitimate application functions in unintended and abnormal ways, deviating from the designer's expectations, to carry out malicious attacks...

CVSS 3.8, EPSS 0.00131
Exploits: 0, References: 1

CVE
added 2026/05/26 9:39 a.m., 22 views

CVE-2026-44410

Technical details for CVE-2026-44410 are not publicly available in the provided documents. Monitor for updates from the vendor and CVE records for any concrete impact, affected components, or remediation.

CVSS 3.8, AI score 5.8, EPSS 0.00131
Exploits: 0, References: 1

CNNVD
added 2026/05/26 12:00 a.m., 7 views

ZTE ZXUniPOS NDS-LTE Security Vulnerability

ZTE ZXUniPOS NDS-LTE is an operator network positioning platform developed by ZTE Corporation. ZTE ZXUniPOS NDS-LTE has a security vulnerability, which stems from business logic defects. Attackers can exploit the features of legitimate applications in an unintended and abnormal manner to carry ou...

CVSS 3.8, AI score 5.8, EPSS 0.00131
Exploits: 0, References: 1

AstraLinux
added 2026/05/03 11:59 p.m., 5 views

Astra Linux – Vulnerability in Thunderbird, Firefox

Permission prompts for opening external schemes were only displayed for ContentPrincipals, allowing extensions to open them without user interaction through ExpandedPrincipals. This could lead to further malicious actions, such as downloading files or interacting with software already installed o...

CVSS 8.8, AI score 7.6, EPSS 0.00681
Exploits: 0, References: 2

CNNVD
added 2026/03/16 12:00 a.m., 3 views

Qool CMS Cross-Site Scripting Vulnerability

Qool CMS is a content management system developed by basdog22. The Qool CMS 2.0 RC2 version has a cross-site scripting vulnerability. This vulnerability stems from cross-site request forgery, which may allow attackers to trick users into accessing malicious web pages and executing management...

CVSS 6.9, AI score 5.6, EPSS 0.00232
Exploits: 1, References: 3

OSV
added 2026/01/28 8:16 a.m., 6 views

CVE-2025-40552

SolarWinds Web Help Desk was found to be susceptible to an authentication bypass vulnerability that if exploited, would allow a malicious actor to execute actions and methods that should be protected by authentication...

CVSS 9.8, AI score 5.8, EPSS 0.6039
Exploits: 1, References: 3

RedhatCVE
added 2026/01/09 11:29 a.m., 4 views

CVE-2021-27839

A CSV injection vulnerability found in Online Invoicing System OIS 4.3 and below can be exploited by users to perform malicious actions such as redirecting admins to unknown or harmful websites, or disclosing other clients' details that the user did not have access to...

CVSS 5.8, AI score 7.1, EPSS 0.00724
Exploits: 0, References: 1

Positive Technologies
added 2025/11/20 12:00 a.m., 4 views

PT-2025-47561

A Cross-Site Request Forgery (CSRF) vulnerability was identified in HCL Glovius Cloud. An attacker can force a user's web browser to execute an unwanted, malicious action on a trusted site where the user is authenticated, specifically on one endpoint...

CVSS 6.8, AI score 6.9, EPSS 0.00097
Exploits: 0, References: 1

OSV
added 2025/10/16 9:15 a.m., 4 views

CVE-2025-0277

HCL BigFix Mobile 3.3 and earlier are vulnerable to certain insecure directives within the Content Security Policy (CSP). An attacker could trick users into performing actions by not properly restricting the sources of scripts and other content...

CVSS 6.1, AI score 5.8
Exploits: 0, References: 1

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2017-10316

Malware in sbrugna...

CVSS 8.8, AI score 8.8, EPSS 0.00661
Exploits: 0, References: 4

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2020-11265

Malware in sbrugna...

CVSS 6.1, AI score 6.3, EPSS 0.01045
Exploits: 1, References: 4

EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2019-6242

Malware in sbrugna...

CVSS 5.4, AI score 5.5, EPSS 0.00644
Exploits: 1, References: 2

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2021-12339

Malware in sbrugna...

CVSS 5.3, AI score 5.6, EPSS 0.00104
Exploits: 0, References: 2

EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2018-6183

Malware in sbrugna...

CVSS 8.8, AI score 8.8, EPSS 0.02773
Exploits: 0, References: 3

EUVD
added 2025/10/03 8:07 p.m., 3 views

EUVD-2022-42932

Malicious code in bioql PyPI...

CVSS 8.8, AI score 8.6, EPSS 0.00626
Exploits: 0, References: 4

EUVD
added 2025/10/03 8:07 p.m., 3 views

EUVD-2023-32328

Malicious code in bioql PyPI...

CVSS 9.8, AI score 9.1, EPSS 0.01105
Exploits: 1, References: 1