272 matches found
CVE-2025-41267
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in the Administration WebUI in Waterfall WF-500 TX Host in version 7.9.1.0 R2502171040 that allows remote authenticated attackers to execute arbitrary operating syste...
CVE-2026-4914
Stored XSS in Ivanti N-ITSM before version 2025.4 allows a remote authenticated attacker to obtain limited information from other user sessions. User interaction is required...
Brocade SANnav 安全漏洞
Brocade SANnav is a storage area network management software developed by the American company Brocade. Versions of Brocade SANnav prior to 2.4.0b contained security vulnerabilities. These vulnerabilities stemmed from the fact that logs supported by SANnav recorded administrator passwords for...
CVE-2023-31505
An arbitrary file upload vulnerability in Schlix CMS v2.2.8-1, allows remote authenticated attackers to execute arbitrary code and obtain sensitive information via a crafted .phtml file...
CVE-2019-11780
Improper access control in the computed fields system of the framework of Odoo Community 13.0 and Odoo Enterprise 13.0 allows remote authenticated attackers to access sensitive information via crafted RPC requests, which could lead to privilege escalation...
CVE-2025-2848
A vulnerability in Synology Mail Server allows remote authenticated attackers to read and write non-sensitive settings, and disable some non-critical functions...
CVE-2025-2848
CVE-2025-2848 affects Synology Mail Server. Multiple sources describe remote authenticated access that allows reading and writing non-sensitive settings and disabling some non-critical functions, with potential risks to mail configuration stability. PT-Security cites affected DSM versions before ...
CVE-2025-59370
A command injection vulnerability has been identified in bwdpi. A remote, authenticated attacker could leverage this vulnerability to potentially execute arbitrary commands, leading to the device executing unintended instructions. Refer to the 'Security Update for ASUS Router Firmware' section on...
Restaurant Brands International assistant platform 安全漏洞
Restaurant Brands International assistant platform is a restaurant back office platform from Restaurant Brands International. A security vulnerability exists in Restaurant Brands International assistant platform version 2025-09-06 and earlier, which stems from a createToken GraphQL mutation that...
CVE-2025-62388
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...
Liferay Publications vulnerable to Authorization Bypass Through User-Controlled Key
Insecure direct object reference IDOR vulnerability in Publications in Liferay Portal 7.3.1 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 GA through update 92, and 7.3 GA through update 36 allows remote authenticated attackers to view the edi...
CVE-2025-62239
Cross-site scripting XSS vulnerability in workflow process builder in Liferay Portal 7.4.3.21 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 update 21 through update 92 allows remote authenticated attackers to inject arbitrary web script or HT...
EUVD-2020-18040
Malware in sbrugna...
EUVD-2018-7575
Malware in sbrugna...
EUVD-2017-8064
Malware in sbrugna...
EUVD-2019-13286
Malware in sbrugna...
EUVD-2020-18038
Malware in sbrugna...
EUVD-2019-5578
Malware in sbrugna...
EUVD-2018-17267
Malware in sbrugna...
EUVD-2016-9730
Malware in sbrugna...