EUVD-2022-4487
Malicious code in bioql PyPI...
SpecialFolderDatablock - Windows LNK File Special UNC Path NTLM Leak
This module creates a malicious Windows shortcut (LNK) file that specifies a special UNC path in the SpecialFolderDatablock of a Shell Link (.LNK) file, which can trigger an authentication attempt to a remote server. This can be used to harvest NTLM authentication credentials. When a victim browses to the location...
Linux Distros Unpatched Vulnerability : CVE-2019-2503
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection Handling). Supported versions that are affected are 5.6.42 and prior...
Linux Distros Unpatched Vulnerability : CVE-2023-53006
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: cifs: Fix oops due to uncleared server->smbd_conn in reconnect. In smbd_destroy(), clear the...
CVE-2025-0309
An insufficient validation on the server connection endpoint in Netskope Client allows local users to elevate privileges on the system. The insufficient validation allows Netskope Client to connect to any other server with Public Signed CA TLS certificates and send specially crafted responses to...
CVE-2025-0309 Netskope Client Local Elevation of Privileges
An insufficient validation on the server connection endpoint in Netskope Client allows local users to elevate privileges on the system. The insufficient validation allows Netskope Client to connect to any other server with Public Signed CA TLS certificates and send specially crafted responses to...
Netskope Client Security Vulnerability
Netskope Client is a client program for connecting to manage the Netskope Cloud Platform from Netskope USA. A security vulnerability exists in Netskope Client that stems from insufficient authentication of server connection endpoints, which could result in elevated privileges for local users...
PT-2025-33117
Name of the Vulnerable Software and Affected Versions: Netskope Client for Windows (affected versions not specified). Description: An insufficient validation exists in the server connection endpoint of Netskope Client for Windows. This flaw allows local users to elevate their privileges on the system...
Citrix Director Infrastructure Monitoring – License Server Connection status is not available
When admin checks Delivery Controller data in Citrix Director - Infrastructure Monitoring, the license server related information is not available. All other metrics are displayed correctly. License Server is configured correctly and there are no issues with licenses. CVAD Site is functioning...
CVE-2023-38547
A vulnerability in Veeam ONE allows an unauthenticated user to gain information about the SQL server connection Veeam ONE uses to access its configuration database. This may lead to remote code execution on the SQL server hosting the Veeam ONE configuration database...
CVE-2022-25201
Missing permission checks in Jenkins Checkmarx Plugin 2022.1.2 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2022-34203
A cross-site request forgery (CSRF) vulnerability in Jenkins EasyQA Plugin 1.0 and earlier allows attackers to connect to an attacker-specified HTTP server...
CVE-2022-25212
A cross-site request forgery (CSRF) vulnerability in Jenkins SWAMP Plugin 1.2.6 and earlier allows attackers to connect to an attacker-specified web server using attacker-specified credentials...
CVE-2020-8241
A vulnerability in the Pulse Secure Desktop Client 9.1R9 could allow the attacker to perform a MITM Attack if end users are convinced to connect to a malicious server...
CVE-2020-2148
A missing permission check in Jenkins Mac Plugin 1.1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials...
CVE-2020-2253
Jenkins Email Extension Plugin 2.75 and earlier does not perform hostname validation when connecting to the configured SMTP server...
CVE-2020-2216
A missing permission check in Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified username and password...
CVE-2019-1003079
A missing permission check in Jenkins VMware Lab Manager Slaves Plugin in the LabManager.DescriptorImpl#doTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server...
CVE-2019-1003084
A cross-site request forgery vulnerability in Jenkins Zephyr Enterprise Test Management Plugin in the ZeeDescriptor#doTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server...
CVE-2019-1003078
A cross-site request forgery vulnerability in Jenkins VMware Lab Manager Slaves Plugin in the LabManager.DescriptorImpl#doTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server...