2098 matches found
CVE-2025-59849
The CVE-2025-59849 entry concerns HCL BigFix Remote Control Lite Web Portal, affected in versions 10.1.0.0326 and lower. The vulnerability arises from improper management of the Content Security Policy, enabling the execution of malicious code within web pages. The risk is tied to a web-exposed c...
CVE-2025-59849 HCL BigFix Remote Control is vulnerable to an insecure CSP configuration
Improper management of Content Security Policy in HCL BigFix Remote Control Lite Web Portal versions 10.1.0.0326 and lower may allow the execution of malicious code in web pages...
CVE-2025-59849 HCL BigFix Remote Control is vulnerable to an insecure CSP configuration
Improper management of Content Security Policy in HCL BigFix Remote Control Lite Web Portal versions 10.1.0.0326 and lower may allow the execution of malicious code in web pages...
PT-2025-51897
Name of the Vulnerable Software and Affected Versions HCL BigFix Remote Control Lite versions 10.1.0.0326 and lower Description A flaw exists in the Content Security Policy management within the HCL BigFix Remote Control Lite Web Portal that could permit the execution of harmful code within web...
PT-2025-51915
Name of the Vulnerable Software and Affected Versions HCL BigFix Remote Control Lite Web Portal versions 10.1.0.0326 and lower Description A flaw exists in the way the software handles path-relative stylesheet imports. This could allow for the execution of malicious code within specific web pages...
HCL BigFix Remote Control 安全漏洞
HCL BigFix Remote Control is a remote desktop management platform from HCL India. A security vulnerability exists in HCL BigFix Remote Control version 10.1.0.0326 and prior versions, which stems from improper management of content security policies and could lead to the execution of malicious cod...
CVE-2025-34180
NetSupport Manager 14.12.0001 relies on a shared Gateway Key for authentication between Manager/Control, Client, and Connectivity Server components. The key is stored using a reversible encoding scheme. An attacker who obtains access to a deployed client configuration file can decode the stored...
EUVD-2025-203379
NetSupport Manager 14.12.0001 relies on a shared Gateway Key for authentication between Manager/Control, Client, and Connectivity Server components. The key is stored using a reversible encoding scheme. An attacker who obtains access to a deployed client configuration file can decode the stored...
CVE-2025-34180
NetSupport Manager 14.12.0001 relies on a shared Gateway Key for authentication between Manager/Control, Client, and Connectivity Server components. The key is stored using a reversible encoding scheme. An attacker who obtains access to a deployed client configuration file can decode the stored...
CVE-2025-34180 NetSupport Manager < 14.12.0001 Gateway Key Reversible Encoding Credential Recovery
NetSupport Manager 14.12.0001 relies on a shared Gateway Key for authentication between Manager/Control, Client, and Connectivity Server components. The key is stored using a reversible encoding scheme. An attacker who obtains access to a deployed client configuration file can decode the stored...
PT-2025-51232
NetSupport Manager 14.12.0001 relies on a shared Gateway Key for authentication between Manager/Control, Client, and Connectivity Server components. The key is stored using a reversible encoding scheme. An attacker who obtains access to a deployed client configuration file can decode the stored...
CVE-2025-43542
This issue was addressed with improved state management. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.3, macOS Tahoe 26.2, visionOS 26.2. Password fields may be unintentionally revealed when remotely controlling a device over FaceTime...
CVE-2025-43542
This issue was addressed with improved state management. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.3, macOS Tahoe 26.2, visionOS 26.2. Password fields may be unintentionally revealed when remotely controlling a device over FaceTime...
EUVD-2025-203149
This issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.7.3. Password fields may be unintentionally revealed when remotely controlling a device over FaceTime...
CVE-2025-43542
This issue was addressed with improved state management. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.3, macOS Tahoe 26.2, visionOS 26.2. Password fields may be unintentionally revealed when remotely controlling a device over FaceTime...
Apple macOS 安全漏洞
Apple macOS is a suite of specialized operating systems from the U.S.-based Apple Inc. developed specifically for Mac computers. A security vulnerability exists in Apple macOS Sequoia prior to version 15.7.3, which stems from a state management issue that could result in the accidental display of...
CVE-2023-53774
MiniDVBLinux 5.4 contains a remote code execution vulnerability in the SVDRP protocol that allows remote attackers to send commands to manipulate TV systems. Attackers can send crafted SVDRP commands through the svdrpsend.sh script to execute messages and potentially control the video disk record...
Malicious code in rendom (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1effe6d94e0635864c22ea960a22b40294c3f2e510550046139bcd78f62a33fa The package contains a Telegram bot to perform remote control of the computer. The package name additionally suggests typosquatting against standard random...
MAL-2025-192323 Malicious code in rendom (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1effe6d94e0635864c22ea960a22b40294c3f2e510550046139bcd78f62a33fa The package contains a Telegram bot to perform remote control of the computer. The package name additionally suggests typosquatting against standard random...
PT-2025-49138
Name of the Vulnerable Software and Affected Versions AirKeyboard iOS App version 1.0.5 Description The AirKeyboard iOS App has a missing authentication mechanism. This allows unauthenticated attackers to send arbitrary keystrokes to a victim’s iOS device in real-time, without requiring user...