12 matches found
EUVD-2013-0037
Malware in sbrugna...
GHSA-C46W-GR7F-JM2P Salt vulnerable to arbitrary event injection
Arbitrary event injection on Salt Master. The master's "minionevent" method can be used by and authorized minion to send arbitrary events onto the master's event bus...
Salt vulnerable to arbitrary event injection
Arbitrary event injection on Salt Master. The master's "minionevent" method can be used by and authorized minion to send arbitrary events onto the master's event bus...
CVE-2025-22239
Arbitrary event injection on Salt Master. The master's "minionevent" method can be used by and authorized minion to send arbitrary events onto the master's event bus...
CVE-2025-22239 CVE-2025-22239 salt advisory
Arbitrary event injection on Salt Master. The master's "minionevent" method can be used by and authorized minion to send arbitrary events onto the master's event bus...
PT-2025-25396 · Unknown +1 · Salt-Master +1
Name of the Vulnerable Software and Affected Versions: Salt Master affected versions not specified Description: The issue arises when the VirtKey class is called upon requesting "on-demand pillar" data. It utilizes un-validated input to create paths to the "pki directory". This functionality is...
PT-2025-25394 · Unknown +1 · Salt-Master +1
Name of the Vulnerable Software and Affected Versions: Salt Master affected versions not specified Description: The issue allows arbitrary event injection on the Salt Master. An authorized minion can use the master's minion event method to send arbitrary events onto the master's event bus...
CVE-2020-13634
In Windows Master aka Windows Optimization Master 7.99.13.604, the driver file WoptiHWDetect.SYS allows local users to cause a denial of service BSOD or possibly have unspecified other impact because of not validating input values from IOCtl 0xF1002558...
CVE-2024-11642
The Post Grid Master – Custom Post Types, Taxonomies & Ajax Filter Everything with Infinite Scroll, Load More, Pagination & Shortcode Builder plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.4.12 via the 'locatetemplate' function. This makes it...
WordPress Plugin Quiz And Survey Master Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
Delta Electronics InfraSuite Device Master 访问控制错误漏洞
Delta Electronics InfraSuite Device Master is a device used to simplify and automate the monitoring of critical devices from Delta Electronics Taiwan, China. An access control error vulnerability exists in versions prior to Delta Electronics InfraSuite Device Master 00.00.01a that stems from...
Merchandise Online Store SQL注入漏洞
Merchandise Online Store is a merchandise online store system. A security vulnerability exists in Merchandise Online Store, which can be exploited by attackers to conduct SQL injection attacks via /vloggersmerch/classes/Master.php?f=payorder...