EUVD-2026-25140

A path Traversal vulnerability exists in Ziostation2 v2.9.8.7 and earlier. A remote unauthenticated attacker may get sensitive information on the operating system...

Ziosoft Ziostation 路径遍历漏洞

Ziosoft Ziostation is a imaging processing workstation software developed by Ziosoft Corporation in Japan. It provides three-dimensional visualization of medical images and advanced analysis capabilities. Versions of Ziosoft Ziostation 2.9.8.7 and earlier contained a path traversal vulnerability...

CVE-2025-36744

SolarEdge SE3680H has unauthenticated disclosure of sensitive information during the bootloader loop. While the device repeatedly initializes and waits for boot instructions, the bootloader emits diagnostic output this behavior can leak operating system information...

CVE-2025-36744

SolarEdge SE3680H has unauthenticated disclosure of sensitive information during the bootloader loop. While the device repeatedly initializes and waits for boot instructions, the bootloader emits diagnostic output this behavior can leak operating system information...

PT-2025-50935

SolarEdge SE3680H has unauthenticated disclosure of sensitive information during the bootloader loop. While the device repeatedly initializes and waits for boot instructions, the bootloader emits diagnostic output this behavior can leak operating system information...

EUVD-2024-22962

Malicious code in bioql PyPI...

EUVD-2025-27214

Malicious code in bioql PyPI...

CVE-2025-42911 Missing Authorization check in SAP NetWeaver (Service Data Download)

SAP NetWeaver Service Data Download allows an authenticated user to call a remote-enabled function module, which could grant access to information about the SAP system and operating system. This leads to a low impact on confidentiality, with no effect on the integrity and availability of the...

CVE-2025-42968

SAP NetWeaver allows an authenticated non-administrative user to call the remote-enabled function module which could grants access to non-sensitive information about the SAP system and OS without requiring any specific knowledge or controlled conditions. This leads to a low impact on...

CVE-2024-25646

Due to improper validation, SAP BusinessObject Business Intelligence Launch Pad allows an authenticated attacker to access operating system information using crafted document. On successful exploitation there could be a considerable impact on confidentiality of the application...

CVE-2024-25646 Information Disclosure vulnerability in SAP BusinessObjects Web Intelligence

Due to improper validation, SAP BusinessObject Business Intelligence Launch Pad allows an authenticated attacker to access operating system information using crafted document. On successful exploitation there could be a considerable impact on confidentiality of the application...

SAP BusinessObject Business Intelligence Launch Pad 信息泄露漏洞

SAP BusinessObject Business Intelligence Launch Pad is a web control panel for the Business Intelligence platform from SAP, Germany. An information disclosure vulnerability exists in SAP BusinessObject Business Intelligence Launch Pad versions 4.2 and 4.3, which arises from improper authenticatio...

PT-2024-2972 · Sap · Sap Businessobject Business Intelligence Launch Pad

Name of the Vulnerable Software and Affected Versions: SAP BusinessObject Business Intelligence Launch Pad affected versions not specified Description: The issue is related to improper validation in SAP BusinessObject Business Intelligence Launch Pad, allowing an authenticated attacker to access...

Developers Beware: Malicious Rust Libraries Caught Transmitting OS Info to Telegram Channel

In yet another sign that developers continue to be targets of software supply chain attacks, a number of malicious packages have been discovered on the Rust programming language's crate registry. The libraries, uploaded between August 14 and 16, 2023, were published by a user named "amaperf,"...

CVE-2022-1911

Error in parser function in M-Files Server versions before 22.6.11534.1 and before 22.6.11505.0 allowed unauthenticated access to some information of the underlying operating system...

CVE-2022-1911

Error in parser function in M-Files Server versions before 22.6.11534.1 and before 22.6.11505.0 allowed unauthenticated access to some information of the underlying operating system...

PT-2022-14188

Name of the Vulnerable Software and Affected Versions M-Files Server versions before 22.6.11534.1 M-Files Server versions before 22.6.11505.0 Description The issue is related to an error in a parser function that allowed unauthenticated access to some information of the underlying operating syste...

Hicos Citizen Certificate Client-side Component 安全漏洞

Hicos Citizen Certificate Client-side Component is a citizen certificate client-side component. A security vulnerability exists in the Hicos Citizen Certificate Client-side Component that stems from insufficient validation of parameter lengths for operating system information, which could be...

Live-Forensicator - Powershell Script To Aid Incidence Response And Live Forensics

Live Forensicator is part of the Black Widow Toolbox, its aim is to assist Forensic Investigators and Incidence responders in carrying out a quick live forensic investigation. It achieves this by gathering different system information for further review for anomalous behaviour or unexpected data...

Systeminformation Operating System Command Injection Vulnerability

systeminformation is an Npm software library that can obtain information about the operating system. A vulnerability in operating system command injection existed in versions prior to systeminformation npm package version 4.31.1, which stemmed from this issue fixed in version 4.31.1, and fixed a...