78 matches found
EUVD-2025-209776
docuFORM Managed Print Service Client 11.11c is vulnerable to a reflected cross site scripting attack via the login page of the application...
CVE-2025-65418
docuFORM Managed Print Service Client 11.11c is vulnerable to a directory traversal allowing attackers to read arbitrary files via crafted url...
CVE-2025-65417
docuFORM Managed Print Service Client 11.11c is vulnerable to a reflected cross site scripting attack via the login page of the application...
CVE-2025-65418
docuFORM Managed Print Service Client 11.11c is vulnerable to a directory traversal allowing attackers to read arbitrary files via crafted url...
Malicious code in vision-service-python-client-internal (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ea39ef97e61556ba1ef289f438f9401ced47328bd49f096401ed4795792c8f7a Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-1641 Malicious code in @uc-platform/user-service-client-ts (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3b540186390d5c469d9b5de607c8d6b64fc0315e70c245ec70c16f1732058cc The package @uc-platform/user-service-client-ts was found to contain malicious code...
Malicious code in @uc-platform/advertisement-service-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b168c7f137b260fe9d6fa7c0962aa3ab273f66f1f5bfabe7f0daadeb79ef7323 The package @uc-platform/advertisement-service-client was found to contain malicious code...
MAL-2026-1639 Malicious code in @uc-platform/advertisement-service-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b168c7f137b260fe9d6fa7c0962aa3ab273f66f1f5bfabe7f0daadeb79ef7323 The package @uc-platform/advertisement-service-client was found to contain malicious code...
CVE-2026-3750
A security vulnerability has been detected in ContiNew Admin up to 4.2.0. This issue affects the function URI.create of the file continew-system/src/main/java/top/continew/admin/system/factory/S3ClientFactory.java of the component Storage Management Module. The manipulation leads to server-side...
Improper Authentication
Overview @n8n/rest-api-client is a This package contains the REST API calls for n8n. Affected versions of this package are vulnerable to Improper Authentication via the Self-Service Settings API. An attacker can circumvent centralized identity management and multi-factor authentication by disabli...
Security Bulletin: Multiple security vulnerabilities in .NET affect IBM Robotic Process Automation
Summary Multiple security vulnerabilities in .NET affect IBM Robotic Process Automation. .NET is used by IBM Robotic Process as part of it's development framework. This security bulletin identifies the fixes required to resolve these vulnerabilities Vulnerability Details CVEID:CVE-2024-29992...
CVE-2025-1000
IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 could allow an authenticated user to cause a denial of service when connecting to a z/OS database due to improper handling of automatic client rerouting...
EUVD-2025-37103
Malicious code in epic-service-client npm...
Malicious code in epic-service-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dace8c7467ca89f828a88fdae398bb44d6c7e2757575656ae63926697aaa4487 The package epic-service-client was found to contain malicious code...
MAL-2025-49190 Malicious code in epic-service-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dace8c7467ca89f828a88fdae398bb44d6c7e2757575656ae63926697aaa4487 The package epic-service-client was found to contain malicious code...
CVE-2025-34222 Vasion Print (formerly PrinterLogic) Unauthenticated Admin APIs Used to Modify SSL Certificates
Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 VA/SaaS deployments expose four admin routes – /admin/hp/certupload, /admin/hp/certdelete, /admin/certs/ca, and /admin/certs/serviceclients/scid – without any...
CVE-2025-34222
Vasion Print (formerly PrinterLogic) Vulnerability CVE-2025-34222 affects Virtual Appliance Host before 22.0.1049 and Application before 20.0.2786 (VA/SaaS). The issue stems from four unauthenticated admin routes exposed in the printercloud/pi Docker container (routes: /admin/hp/cert_upload, /adm...
SUSE SLES12 Security Update : regionServiceClientConfigGCE (SUSE-SU-2025:03171-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:03171-1 advisory. This update for regionServiceClientConfigGCE contains the following fixes: - Update to version 5.0.0. bsc1246995 - SLE 16 python-requests...
SUSE-SU-2025:03171-1 Security update for regionServiceClientConfigGCE
This update for regionServiceClientConfigGCE contains the following fixes: - Update to version 5.0.0. bsc1246995 + SLE 16 python-requests requires SSL v3 certificates. Update 2 region server certs to support SLE 16 when it gets released. - Update conditional to handle name change of metadata...
Security update for regionServiceClientConfigGCE
This update for regionServiceClientConfigGCE contains the following fixes: Update to version 5.0.0. bsc1246995 SLE 16 python-requests requires SSL v3 certificates. Update 2 region server certs to support SLE 16 when it gets released. Update conditional to handle name change of metadata package in...