Oracle VM VirtualBox Core Component Memory Corruption Vulnerability

Oracle VM VirtualBox is a desktop virtualization software developed by Oracle to run multiple operating systems on a single host. A memory corruption vulnerability exists in Oracle VM VirtualBox. The vulnerability stems from a failure of the Core component to properly handle memory operations and...

CVE-2026-35242

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle...

CVE-2025-48397

The privileged user could log in without sufficient credentials after enabling an application protocol. This security issue has been fixed in the latest script patch latest version of of Eaton BLSS 7.3.0.SCP004...

CVE-2025-48397

The privileged user could log in without sufficient credentials after enabling an application protocol. This security issue has been fixed in the latest script patch latest version of of Eaton BLSS 7.3.0.SCP004...

PT-2025-44758

Name of the Vulnerable Software and Affected Versions Eaton BLSS versions prior to 7.3.0.SCP004 Description A privileged user could log in without sufficient credentials after enabling an application protocol. Recommendations Update to version 7.3.0.SCP004 or later...

Eaton Brightlayer Software Suite 安全漏洞

Eaton Brightlayer Software Suite is a digital infrastructure management software suite from Eaton Corporation USA. A security vulnerability exists in Eaton Brightlayer Software Suite version 7.3.0.SCP004, which originates from a privileged user being able to log in without sufficient credentials...

CVE-2025-62592

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.12 and 7.2.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

EUVD-2009-0349

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2019-10911

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, a vulnerability would allow an attacker to...

Linux Distros Unpatched Vulnerability : CVE-2019-3031

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.34 and prior t...

Linux Distros Unpatched Vulnerability : CVE-2023-21884

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.42 and prior t...

CVE-2025-34143

An authentication bypass vulnerability exists in ETQ Reliance on the CG legacy platform. The application allowed login as the privileged internal SYSTEM user by manipulating the username field. The SYSTEM account does not require a password, enabling attackers with network access to the login pag...

CVE-2022-42473

A missing authentication for a critical function vulnerability in Fortinet FortiSOAR 6.4.0 - 6.4.4 and 7.0.0 - 7.0.3 and 7.2.0 allows an attacker to disclose information via logging into the database using a privileged account without a password...

Fortinet FortiSOAR 访问控制错误漏洞

Fortinet FortiSOAR is a security orchestration, automation and response SOAR solution from Fortinet, Inc. An access control error vulnerability exists in Fortinet FortiSOAR, stemming from a lack of authentication, which could be exploited by an attacker to compromise information by logging into t...

WordPress 跨站请求伪造漏洞

WordPress is the WordPress Foundation's set of blogging platforms developed using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. cross-site request forgery vulnerability exists in versions of the WordPress Slick Slider plugin prior to 2.0.1, which stems...

CVE-2021-30166

The NTP Server configuration function of the IP camera device is not verified with special parameters. Remote attackers can perform a command Injection attack and execute arbitrary commands after logging in with the privileged permission...

DEBIAN-CVE-2019-10911

In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, a vulnerability would allow an attacker to authenticate as a privileged user on sites with user registration and remember me login functionality enabled. This is related to symfony/securit...

UBUNTU-CVE-2019-10911

In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, a vulnerability would allow an attacker to authenticate as a privileged user on sites with user registration and remember me login functionality enabled. This is related to symfony/securit...

Authentication flaw

GE Fanuc iFIX 5.0 and earlier relies on client-side authentication involving a weakly encrypted local password file, which allows remote attackers to bypass intended access restrictions and start privileged server login sessions by recovering a password or by using a modified program module...

ASI Sybase Security Alert: Buffer overflow in DBCC CHECKVERIFY

Sybase Adaptive Server buffer overflow in DBCC CHECKVERIFY http://www.appsecinc.com/resources/alerts/sybase/02-0001.html To determine if you should apply this hot fix, download AppDetective for Sybase from http://www.sybasesecurity.net/products/appdetective/sybase/. Risk level: High Threat: Allow...