257 matches found
PT-2026-44817
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in the Administration WebUI in Waterfall WF-500 RX Host in version 7.9.1.0 R2502171040 that allows remote authenticated attackers to execute arbitrary operating syste...
CVE-2026-6282
Technical details about CVE-2026-6282 (affected Lenovo devices, vulnerable components, impact, and fixes) are not provided in the available documents. Monitor Lenovo advisories and the CVE listing for updates.
CVE-2026-4914
Ivanti N‑ITSM is affected (before version 2025.4) by a Stored XSS vulnerability that requires user interaction and authenticated access. An attacker can remotely obtain limited information from other user sessions, with a Confidentiality impact of Low and no Availability impact (CVSS v3.1 base 5....
PT-2026-28272
Cache misconfiguration vulnerability in OpenText Identity Manager on Windows, Linux allows remote authenticated users to obtain another user's session data via insecure application cache handling. This issue affects Identity Manager: 25.2v4.10.1...
EUVD-2025-208887
A path traversal vulnerability in /ftl/web/setup.cgi in Small Cell Sercomm SCE4255W FreedomFi Englewood firmware before DG3934v3@2308041842 allows remote authenticated users to read arbitrary files from the filesystem via crafted values in the logtype parameter to /logsave.htm...
MiracleLinux 7 : rh-mariadb101-mariadb-10.1.19-6.el7 (AXSA:2016-1178:02)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-1178:02 advisory. MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. It is a client/server implementation...
MiracleLinux 3 : postgresql-8.1.18-2.1.1AXS3 (AXSA:2009-415:01)
The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2009-415:01 advisory. PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselect...
CVE-2009-4438
The Query Compiler, Rewrite, and Optimizer component in IBM DB2 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 does not enforce privilege requirements for access to a 1 sequence or 2 global-variable object, which allows remote authenticated users to make use of data via unspecified vectors...
CVE-2007-4309
IBM Lotus Notes 5.x through 7.0.2 allows user-assisted remote authenticated administrators to obtain a cleartext notes.id password by setting the notes.ini 1 KFMShowEntropy and 2 DebugOutfile debug variables, a different vulnerability than CVE-2005-2696...
CVE-2023-25609
A server-side request forgery SSRF vulnerability CWE-918 in FortiManager and FortiAnalyzer GUI 7.2.0 through 7.2.1, 7.0.0 through 7.0.6, 6.4.8 through 6.4.11 may allow a remote and authenticated attacker to access unauthorized files and services on the system via specially crafted web requests...
CVE-2024-5401
CVE-2024-5401 affects Synology DiskStation Manager (DSM) WebAPI and Synology Unified Controller (DSMUC). The vulnerability is described as an improper control of dynamically-managed code resources in the WebAPI component, allowing remote authenticated users to obtain privileges without consent vi...
CVE-2025-62383
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...
EUVD-2014-2617
Malware in sbrugna...
EUVD-2013-3964
Malware in sbrugna...
EUVD-2015-7577
Malware in sbrugna...
EUVD-2013-1568
Malware in sbrugna...
EUVD-2004-1598
Malware in sbrugna...
EUVD-2015-0027
Malware in sbrugna...
EUVD-2011-0887
Malware in sbrugna...
EUVD-2009-0894
Malware in sbrugna...