92 matches found
EUVD-2021-20356
Malware in sbrugna...
EUVD-2017-14879
Malware in sbrugna...
CVE-2025-11337 Four-Faith Water Conservancy Informatization Platform download.do;othersusrlogout.do path traversal
A vulnerability was detected in Four-Faith Water Conservancy Informatization Platform up to 2.2. This affects an unknown part of the file /aloneReport/index.do/../../aloneReport/download.do;othersusrlogout.do. Performing manipulation of the argument fileName results in path traversal. It is...
EUVD-2025-27110
Malicious code in bioql PyPI...
EUVD-2025-29851
Malicious code in bioql PyPI...
CVE-2025-10819
A security vulnerability has been detected in fuyanglipengjun platform 1.0. This issue affects the function UserCouponController of the file /usercoupon/queryAll. The manipulation leads to improper authorization. Remote exploitation of the attack is possible. The exploit has been disclosed public...
CVE-2025-9936 fuyang_lipengjun platform queryAll AdController improper authorization
A vulnerability was identified in fuyanglipengjun platform 1.0.0. This issue affects the function AdController of the file /ad/queryAll. The manipulation leads to improper authorization. The attack is possible to be carried out remotely. The exploit is publicly available and might be used...
CVE-2025-43756
A reflected cross-site scripting XSS vulnerability in the Liferay Portal 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.15, 2025.Q2.0 through 2025.Q2.2 and 2024.Q1.13 through 2024.Q1.19 allows a remote authenticated user to inject JavaScript code via snippet parameter...
PT-2025-34270 · Unknown · Aikaan Iot Management Platform
Name of the Vulnerable Software and Affected Versions: Aikaan IoT management platform version 3.25.0325-5-g2e9c59796 Description: The Aikaan IoT management platform allows unauthenticated users to register accounts via APIs, even when user sign-up is disabled through the user interface. This...
CVE-2025-52619
HCL BigFix SaaS Authentication Service is affected by a sensitive information disclosure. Under certain conditions, error messages disclose sensitive version information about the underlying platform...
CVE-2025-52619
HCL BigFix SaaS Authentication Service is affected by a sensitive information disclosure. Under certain conditions, error messages disclose sensitive version information about the underlying platform...
CVE-2025-52619
HCL BigFix SaaS Authentication Service is affected by a sensitive information disclosure. Under certain conditions, error messages disclose sensitive version information about the underlying platform...
CVE-2025-52619 HCL BigFix SaaS Authentication Service is affected by a sensitive information disclosure
HCL BigFix SaaS Authentication Service is affected by a sensitive information disclosure. Under certain conditions, error messages disclose sensitive version information about the underlying platform...
CVE-2025-52619 HCL BigFix SaaS Authentication Service is affected by a sensitive information disclosure
HCL BigFix SaaS Authentication Service is affected by a sensitive information disclosure. Under certain conditions, error messages disclose sensitive version information about the underlying platform...
CVE-2025-52619
HCL BigFix SaaS Authentication Service is affected by CVE-2025-52619, which discloses sensitive platform version information via error messages. Affected component: HCL BigFix SaaS Authentication Service. Root cause: error messages reveal underlying platform version details under certain conditio...
CVE-2025-8775 Qiyuesuo Eelectronic Signature Platform Scheduled Task upload execute unrestricted upload
A vulnerability was found in Qiyuesuo Eelectronic Signature Platform up to 4.34 and classified as critical. Affected by this issue is the function execute of the file /api/code/upload of the component Scheduled Task Handler. The manipulation of the argument File leads to unrestricted upload. The...
CVE-2025-8773
A vulnerability, which was classified as critical, was found in Dinstar Monitoring Platform 甘肃省危险品库监控平台 1.0. Affected is an unknown function of the file /itc/$%7BappPath%7D/logingetPasswordErrorNum.action. The manipulation of the argument userBean.loginName leads to sql injection. It is possible ...
Carestream Health Clinical Collaboration Platform 安全漏洞
Carestream Health Clinical Collaboration Platform is a clinical assistance platform from Carestream Health, USA. A security vulnerability exists in Carestream Health Clinical Collaboration Platform version 12.2.1.5, which stems from a weak logout system and could lead to accessing sensitive...
Microsoft VP9 Video Extensions Multiple Vulnerabilities (May 2025) - Windows
Microsoft VP9 Video Extensions is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2025-46689
CVE-2025-46689 affects Ververica Platform 2.14.0 with a Reflected XSS vulnerability exposed via the URI path namespaces/default/formats . The issue involves user-controlled input in that path, allowing an attacker to trigger script execution in a victim’s browser when the vulnerable page is loade...