CVE-2026-44058

An authentication bypass vulnerability in Netatalk 2.2.2 through 4.4.2 allows a remote privileged user to authenticate as an arbitrary user via the admin auth user mechanism...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 148.0.7778.96 contained a security vulnerability caused by improper implementation in Companion. This vulnerability could allow remote attackers to gain operating system-level privileges...

MiracleLinux 7 : pacemaker-1.1.13-10.el7 (AXSA:2015-850:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-850:01 advisory. Pacemaker is an advanced, scalable High-Availability cluster resource manager for Corosync, CMAN and/or Linux-HA. It supports more than 16 node clusters with...

HP Integrated Lights-Out Improper Input Validation (CVE-2014-7876)

Unspecified vulnerability in HP Integrated Lights-Out iLO firmware 2 before 2.27 and 4 before 2.03 and iLO Chassis Management CM firmware before 1.30 allows remote attackers to gain privileges, execute arbitrary code, or cause a denial of service via unknown vectors. This plugin only works with...

EUVD-2020-22952

Malware in sbrugna...

EUVD-2013-6243

Malware in sbrugna...

EUVD-2020-21545

Malware in sbrugna...

EUVD-2021-15700

Malware in sbrugna...

CVE-2025-57685

The CVE-2025-57685 issue affects LB-Link routers including BL-AC2100_AZ3 V1.0.4, BL-WR4000 v2.5.0, BL-WR9000_AE4 v2.4.9, BL-AC1900_AZ2 v1.0.2, BL-X26_AC8 v1.2.8, and BL-LTE300_DA4 V1.2.3. According to the provided sources, the vulnerability is an unauthorized command injection via the /goform/set...

CVE-2025-37123 Authenticated Command Injection leads to Unauthorized Actions in CLI Interface

A vulnerability in the command-line interface of HPE Aruba Networking EdgeConnect SD-WAN Gateways could allow an authenticated remote attacker to escalate privileges. Successful exploitation of this vulnerability may enable the attacker to execute arbitrary system commands with root privileges on...

CVE-2025-57799

StreamVault is a multi-platform video parsing and downloading tool. Prior to version 250822, after logging into the StreamVault-system, an attacker can modify certain system parameters, construct malicious commands, execute command injection attacks against the system, and ultimately gain server...

CVE-2020-35274

DotCMS Add Template with admin panel 20.11 is affected by cross-site Scripting XSS to gain remote privileges. An attacker could compromise the security of a website or web application through a stored XSS attack and stealing cookies using XSS...

CVE-2020-35273

EgavilanMedia User Registration & Login System with Admin Panel 1.0 is affected by Cross Site Request Forgery CSRF to remotely gain privileges in the User Profile panel. An attacker can update any user's account...

CVE-2010-2944

The authenticate function in LDAPUserFolder/LDAPUserFolder.py in zope-ldapuserfolder 2.9-1 does not verify the password for the emergency account, which allows remote attackers to gain privileges...

Linux Distros Unpatched Vulnerability : CVE-2014-3476

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenStack Identity Keystone before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 does not properly handle chained delegation, which allows remote...

CVE-2024-8585

Orca HCM from LEARNING DIGITA does not properly restrict a specific parameter of the file download functionality, allowing a remote attacker with regular privileges to download arbitrary system files...

CVE-2023-27843

SQL injection vulnerability found in PrestaShop askforaquote v.5.4.2 and before allow a remote attacker to gain privileges via the QuotesProduct::deleteProduct component...

PT-2023-21279 · Unknown · Dbpoweramp Audio Player

Name of the Vulnerable Software and Affected Versions: POWERAMP audioplayer versions 925 through 954 Description: An issue in the POWERAMP audioplayer allows a remote attacker to gain privileges via the reverb and EQ preset parameters. Recommendations: For versions 925 through 954, consider...

SUSE CVE-2005-2450

Multiple integer overflows in the 1 TNEF, 2 CHM, or 3 FSG file format processors in libclamav for Clam AntiVirus ClamAV 0.86.1 and earlier allow remote attackers to gain privileges via a crafted e-mail message...

SUSE CVE-2005-3538

hfaxd in HylaFAX 4.2.3, when PAM support is disabled, accepts arbitrary passwords, which allows remote attackers to gain privileges...