37 matches found
Samsung MagicINFO 9 Server Path Traversal Vulnerability
Samsung MagicINFO 9 Server contains a path traversal vulnerability that could allow an attacker to write arbitrary files as system authority...
EUVD-2025-22427
Malicious code in bioql PyPI...
EUVD-2025-22412
Malicious code in bioql PyPI...
EUVD-2025-22430
Malicious code in bioql PyPI...
EUVD-2025-22410
Malicious code in bioql PyPI...
EUVD-2025-22408
Malicious code in bioql PyPI...
Samsung MagicINFO 9 Server OpenApiController Unrestricted File Upload Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the OpenApiController class. The issue results from the lack of proper...
Samsung MagicINFO 9 Server parseXMLString XML External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the parseXMLString method. Due to the improper...
Samsung MagicINFO 9 Server MagicInfoCache Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RMI service. The issue results from the lack of proper validation of...
Samsung MagicINFO 9 Server ResponseUploadActivity Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ResponseUploadActivity class. The issue results from the lack of proper...
Samsung MagicINFO 9 Server SWUpdateFileUploadServlet Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SWUpdateFileUploadServlet class. The issue results from the lack of prope...
Samsung MagicINFO 9 Server MagicInfoWebAuthorClient Unrestricted File Upload Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MagicInfoWebAuthorClient app. The issue results from the lack of proper...
Samsung MagicINFO 9 Server getZipFileListForImport Unrestricted File Upload Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the implementatio...
CVE-2025-54442
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54444
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54453
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...
SAMSUNG MagicINFO 9 Server File Upload Vulnerability (CNVD-2025-20804)
SAMSUNG MagicINFO 9 Server is an enterprise-class digital signage content management and device monitoring platform from Samsung Korea. A file upload vulnerability exists in SAMSUNG MagicINFO 9 Server, which stems from a failure to perform strict checks on uploaded file types. An attacker can...
SAMSUNG MagicINFO 9 Server Code Injection Vulnerability
SAMSUNG MagicINFO 9 Server is an enterprise-class digital signage content management and device monitoring platform from Samsung Korea. SAMSUNG MagicINFO 9 Server suffers from a code injection vulnerability that originates from improper code generation control and can be exploited by an attacker ...
SAMSUNG MagicINFO 9 Server Security Bypass Vulnerability
SAMSUNG MagicINFO 9 Server is an enterprise-class digital signage content management and device monitoring platform from Samsung Korea. A security bypass vulnerability exists in SAMSUNG MagicINFO 9 Server, which can be exploited by attackers to cause authentication bypass...
SAMSUNG MagicINFO 9 Server File Upload Vulnerability (CNVD-2025-20800)
SAMSUNG MagicINFO 9 Server is an enterprise-class digital signage content management and device monitoring platform from Samsung Korea. A file upload vulnerability exists in SAMSUNG MagicINFO 9 Server, which stems from a failure to perform strict checks on uploaded file types. An attacker can...