511 matches found
EUVD-2022-6858
Malicious code in bioql PyPI...
EUVD-2022-40034
Malicious code in bioql PyPI...
EUVD-2025-5050
Malicious code in bioql PyPI...
EUVD-2022-35000
Malicious code in bioql PyPI...
EUVD-2021-30681
Malicious code in bioql PyPI...
EUVD-2022-40033
Malicious code in bioql PyPI...
EUVD-2023-48659
Malicious code in bioql PyPI...
EUVD-2021-8779
Malicious code in bioql PyPI...
EUVD-2025-15721
Malicious code in bioql PyPI...
EUVD-2025-8627
Malicious code in bioql PyPI...
EUVD-2025-21037
Malicious code in bioql PyPI...
EUVD-2022-29758
Malicious code in bioql PyPI...
CVE-2025-59745 Multiple vulnerabilities in AndSoft's e-TMS
Vulnerability in the cryptographic algorithm of AndSoft's e-TMS v25.03, which uses MD5 to encrypt passwords. MD5 is a cryptographically vulnerable hash algorithm and is no longer considered secure for storing or transmitting passwords. It is vulnerable to collision attacks and can be easily crack...
AZL-68082 CVE-2025-9230 affecting package edk2 for versions less than 20240524git3e722403cd16-10
Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a...
Linux Distros Unpatched Vulnerability : CVE-2019-1010054
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Dolibarr 7.0.0 is affected by: Cross Site Request Forgery (CSRF). The impact is: allow malicious HTML to change user password, disable users and disable password...
Kaseya RapidFire Tools Network Detective Security Vulnerability
Kaseya RapidFire Tools Network Detective is a network asset evaluation and security scanning tool from Kaseya Corporation, USA. A security vulnerability exists in Kaseya RapidFire Tools Network Detective version 2.0.16.0 and prior versions, which stems from a flaw in the cryptographic...
CVE-2025-34099
An unauthenticated command injection vulnerability exists in VICIdial versions 2.9 RC1 through 2.13 RC1, within the vicidial_sales_viewer.php component when password encryption is enabled (a non-default configuration). The application improperly passes the HTTP Basic Authentication password directly ...
CVE-2025-34099 VICIdial vicidial_sales_viewer.php Unauthenticated Command Injection via Basic Auth Password
An unauthenticated command injection vulnerability exists in VICIdial versions 2.9 RC1 through 2.13 RC1, within the vicidial_sales_viewer.php component when password encryption is enabled (a non-default configuration). The application improperly passes the HTTP Basic Authentication password directly ...
PT-2025-29141 · Vicidial · Vicidial
Name of the Vulnerable Software and Affected Versions: VICIdial versions 2.9 RC1 through 2.13 RC1 Description: An unauthenticated command injection issue exists in the vicidial_sales_viewer.php component when password encryption is enabled. The application improperly passes the HTTP Basic...
PT-2025-28963 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: Kaseya Rapid Fire Tools Network Detective versions through 2.0.16.0 Description: A cryptographic implementation flaw exists in the password encryption mechanism within the EncryptionUtil class. Symmetric encryption is implemented in a...