144 matches found
libssh: libssh: Denial of Service via improper configuration file handling
A flaw was found in libssh where it can attempt to open arbitrary files during configuration parsing. A local attacker can exploit this by providing a malicious configuration file or when the system is misconfigured. This vulnerability could lead to a Denial of Service DoS by causing the system t...
CVE-2026-45399 Open WebUI: Low-privilege authenticated users can enumerate and stop global background tasks, causing system-wide chat disruption
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, any authenticated user with low privileges can enumerate active background tasks across the system and stop tasks belonging to other users via the GET /api/tasks and POST...
CVE-2026-23687
SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtain a valid signed message and send modified signed XML documents to the verifier. This may result in acceptance of tampered identity information, unauthorized access to sensitive...
CVE-2026-23687 XML Signature Wrapping in SAP NetWeaver AS ABAP and ABAP Platform
SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtain a valid signed message and send modified signed XML documents to the verifier. This may result in acceptance of tampered identity information, unauthorized access to sensitive...
CVE-2026-23687
CVE-2026-23687 affects SAP NetWeaver Application Server ABAP and ABAP Platform. An authenticated attacker with normal privileges can obtain a valid signed message and send modified signed XML to the verifier, potentially allowing tampered identity information and leading to unauthorized access to...
SAP AS ABAP和SAP NetWeaver ABAP Platform 数据伪造问题漏洞
SAP AS ABAP and SAP NetWeaver ABAP Platform are both products of the German company SAP. SAP AS ABAP is a development tool for SAP software. SAP NetWeaver ABAP Platform is an integrated technology platform. Both SAP AS ABAP and SAP NetWeaver ABAP Platform have vulnerabilities related to data...
ABB B&R Automation Runtime
SUMMARY ABB became aware of vulnerability in the product versions listed as affected in the advisory. An update is available that resolves a vulnerability. An attacker who successfully exploited this vulnerability could cause the product to stop. 2. FREQUENTLY ASKED QUESTIONS What causes the...
PT-2026-2997
Name of the Vulnerable Software and Affected Versions versions prior to 2.3 Description An attacker with low privileges may be able to trigger critical system functions such as reboot or factory reset without proper restrictions, potentially leading to service disruption or loss of configuration...
CVE-2021-33214
In HMS Ewon eCatcher through 6.6.4, weak filesystem permissions could allow malicious users to access files that could lead to sensitive information disclosure, modification of configuration files, or disruption of normal system operation...
SevenCs ORCA G2 安全漏洞
SevenCs ORCA G2 is an electronic charting system from SevenCs, Germany. A security vulnerability exists in SevenCs ORCA G2 version 2.0.1.35, which originates from the regService process applying a security descriptor without an explicitly configured DACL, and could result in system interruption,...
EUVD-2014-5975
Malware in sbrugna...
EUVD-1999-0444
Malware in sbrugna...
EUVD-2021-19926
Malware in sbrugna...
EUVD-2020-22066
Malware in sbrugna...
EUVD-2020-22053
Malware in sbrugna...
EUVD-2020-22068
Malware in sbrugna...
EUVD-2020-5060
Malware in sbrugna...
EUVD-2024-42854
Malicious code in bioql PyPI...
EUVD-2022-27209
Malicious code in bioql PyPI...
EUVD-2022-31221
Malicious code in bioql PyPI...