123 matches found
EUVD-2017-9076
Malware in sbrugna...
EUVD-2022-45772
Malicious code in bioql PyPI...
EUVD-2023-30362
Malicious code in bioql PyPI...
EUVD-2025-32058
Malicious code in bioql PyPI...
EUVD-2025-31137
Malicious code in bioql PyPI...
O-RAN Near-Realtime RIC security vulnerability
The O-RAN Near-Realtime RIC is an inbound component of the O-RAN organization. A security vulnerability exists in the O-RAN Near-Realtime RIC that stems from the Subscription Manager API component being susceptible to a specially crafted request attack that could result in a denial of service...
CVE-2025-57446
An issue in O-RAN Near Realtime RIC ric-plt-submgr in the J-Release environment allows remote attackers to cause a denial of service (DoS) via a crafted request to the Subscription Manager API component...
Dragonfly vulnerable to server-side request forgery
Impact: There are multiple server-side request forgery (SSRF) vulnerabilities in the DragonFly2 system. The vulnerabilities enable users to force DragonFly2’s components to make requests to internal services, which otherwise are not accessible to the users. One SSRF attack vector is exposed by the...
Improper Authentication
Overview: Affected versions of this package are vulnerable to Improper Authentication via the Manager web UI endpoints /api/v1/jobs and /preheats. An attacker can gain unauthorized access to create, delete, or modify jobs, and initiate preheat jobs by sending unauthenticated requests to these...
Improper Authentication
Overview: Affected versions of this package are vulnerable to Improper Authentication via the Manager web UI endpoints /api/v1/jobs and /preheats. An attacker can gain unauthorized access to create, delete, or modify jobs, and initiate preheat jobs by sending unauthenticated requests to these...
CVE-2025-59346 Dragonfly server-side request forgery vulnerability
Dragonfly is an open source P2P-based file distribution and image acceleration system. Versions prior to 2.1.0 contain a server-side request forgery (SSRF) vulnerability that enables users to force DragonFly2’s components to make requests to internal services that are otherwise not accessible to...
Dragonfly code issue vulnerability
Dragonfly is an open source framework from DragonflyDB that allows dynamic processing of any content type. A code issue vulnerability exists in Dragonfly versions prior to 2.1.0, which stems from the Manager API accepting a user-supplied URL with insufficient validation when creating a Preheat jo...
Linux Distros Unpatched Vulnerability : CVE-2019-18610
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in manager.c in Sangoma Asterisk through 13.x, 16.x, 17.x and Certified Asterisk 13.21 through 13.21-cert4. A remote authenticated...
Linux Distros Unpatched Vulnerability : CVE-2022-42706
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Sangoma Asterisk through 16.28, 17 and 18 through 18.14, 19 through 19.6, and certified through 18.9-cert1. GetConfig, via Asterisk...
Sangfor Endpoint Detection and Response security vulnerability
Sangfor Endpoint Detection and Response is a next-generation endpoint security solution from China-based Sangfor. A security vulnerability exists in Sangfor Endpoint Detection and Response versions 3.2.16, 3.2.17, and 3.2.19, which is caused by an OS command injection attack due to a flaw in the...
InnoShop security vulnerability
InnoShop is an open source e-commerce system based on Laravel 11 by InnoShop Open Source. A security vulnerability exists in InnoShop 0.4.1 and earlier versions, which stems from the presence of directory traversal in the FileManager API endpoint, which can lead to file system operations...
VMware NSX Manager UI security vulnerability
VMware NSX Manager UI is a graphical interface for configuring and managing NSX network environments from VMware, Inc. A security vulnerability exists in VMware NSX Manager UI that stems from improper input validation and could lead to a stored cross-site scripting attack...
CVE-2025-45614
Incorrect access control in the component /api/user/manager of One v1.0 allows attackers to access sensitive information via a crafted payload...
Asterisk security vulnerability
Asterisk is open source software for PBX systems that runs on Linux and supports IP calls using SIP, IAX, and H323 protocols. Asterisk has a security vulnerability that stems from the fact that an AMI user with write=originate can change all configuration files in the /etc/asterisk/...
PT-2024-19061 · F5 · Big-Ip Next Central Manager
Name of the Vulnerable Software and Affected Versions: F5 BIG-IP Next Central Manager (affected versions not specified). Description: An OData injection vulnerability exists in the BIG-IP Next Central Manager API. The issue affects the API endpoint, but specific details about the endpoint, such as...