14 matches found
UBUNTU-CVE-2026-5222
Cargo between 1.68 and 1.96 incorrectly normalized the URLs of third-party registries using the sparse index protocol. If a hosting provider allowed multiple registries to be hosted with arbitrary names within the same domain, an attacker able to publish crates in a registry could obtain the...
CVE-2026-28909
Users who connect to malicious registries with hostnames matching the bypass patterns will have their registry credentials exposed in plaintext. This issue is fixed in container version 0.12.3...
Malicious code in manual_planarian-excellentdev (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d0b63f8b334f1953e593246dc546f33d39b20f248791ca65f865a46610ae993 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2022-30559
Malicious code in bioql PyPI...
EUVD-2025-19191
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-41092
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Docker CLI is the command line interface for the docker container runtime. A bug was found in the Docker CLI where running docker login...
TSplus Remote Access Admin Tool 安全漏洞
The TSplus Remote Access Admin Tool is a tool for centralized configuration and administration of the TSplus Remote Access Server from TSplus France. A security vulnerability exists in versions prior to TSplus Remote Access Admin Tool v18.40.6.17, which stems from an unsalted PIN hash stored in t...
CVE-2025-46715 Sandboxie Arbitrary Kernel Write in SbieDrv.sys API (API_GET_SECURE_PARAM)
Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in version 1.3.0 and prior to version 1.15.12, ApiGetSecureParam fails to sanitize incoming pointers, and implicitly trusts that the pointer the user has passed in is safe to write t...
CVE-2023-37234
Loftware Spectrum through 4.6 has unprotected JMX Registry...
CVE-2021-22799
A CWE-331: Insufficient Entropy vulnerability exists that could cause unintended connection from an internal network to an external network when an attacker manages to decrypt the SESU proxy password from the registry. Affected Product: Schneider Electric Software Update, V2.3.0 through V2.5.1...
Docker 信息泄露漏洞
Docker is an open source application container engine from the American company Docker. The product supports creating a container lightweight virtual machine and deploying and running applications on Linux systems, as well as automating the installation, deployment, and upgrading of applications...
Windows PrintNightmare Registry Exposure CVE-2021-34527 OOB Security Update RCE (July 2021)
A remote command execution vulnerability exists in Windows Print Spooler service improperly performs privileged file operations. An authenticated, remote attacker can exploit this to bypass and run arbitrary code with SYSTEM privileges. The remote system is not fully secure as the point and print...
UBUNTU-CVE-2018-1287
In Apache JMeter 2.X and 3.X, when using Distributed Test only RMI based, jmeter server binds RMI Registry to wildcard host. This could allow an attacker to get Access to JMeterEngine and send unauthorized code...
CVE-2000-0420
The default configuration of SYSKEY in Windows 2000 stores the startup key in the registry, which could allow an attacker tor ecover it and use it to decrypt Encrypted File System EFS data...