19 matches found
EUVD-2025-27855
Malicious code in bioql PyPI...
EUVD-2025-27857
Malicious code in bioql PyPI...
CVE-2025-3773
A sensitive information exposure vulnerability in System Information Reporter SIR 1.0.3 and prior allows an authenticated non-admin local user to extract sensitive information stored in a registry backup folder...
CVE-2025-3722
A path traversal vulnerability in System Information Reporter SIR 1.0.3 and prior allowed an authenticated high privileged user to issue malicious ePO post requests to System Information Reporter, leading to creation of files anywhere on the filesystem and possibly overwriting existing files and...
CVE-2025-3773
A sensitive information exposure vulnerability in System Information Reporter SIR 1.0.3 and prior allows an authenticated non-admin local user to extract sensitive information stored in a registry backup folder...
CVE-2025-3773
A sensitive information exposure vulnerability in System Information Reporter SIR 1.0.3 and prior allows an authenticated non-admin local user to extract sensitive information stored in a registry backup folder...
CVE-2025-3771
A path or symbolic link manipulation vulnerability in SIR 1.0.3 and prior versions allows an authenticated non-admin local user to overwrite system files with SIR backup files, which can potentially cause a system crash. This was achieved by adding a malicious entry to the registry under the...
CVE-2025-3722
A path traversal vulnerability in System Information Reporter SIR 1.0.3 and prior allowed an authenticated high privileged user to issue malicious ePO post requests to System Information Reporter, leading to creation of files anywhere on the filesystem and possibly overwriting existing files and...
CVE-2025-3722
A path traversal vulnerability in System Information Reporter SIR 1.0.3 and prior allowed an authenticated high privileged user to issue malicious ePO post requests to System Information Reporter, leading to creation of files anywhere on the filesystem and possibly overwriting existing files and...
CVE-2025-3773
A sensitive information exposure vulnerability in System Information Reporter SIR 1.0.3 and prior allows an authenticated non-admin local user to extract sensitive information stored in a registry backup folder...
CVE-2025-3773
The CVE-2025-3773 issue affects Trellix System Information Reporter (SIR) versions 1.0.3 and earlier, exposing sensitive information stored in a registry backup folder. Affected component is the registry backup area; the root cause is described as a sensitive information exposure to authenticated...
CVE-2025-3773
A sensitive information exposure vulnerability in System Information Reporter SIR 1.0.3 and prior allows an authenticated non-admin local user to extract sensitive information stored in a registry backup folder...
CVE-2025-3722
CVE-2025-3722 affects System Information Reporter (SIR) versions 1.0.3 and prior. A path-traversal flaw allows an authenticated high-privileged user to issue malicious ePO post requests to SIR, enabling creation of files anywhere on the filesystem, potential overwriting of existing files, and exp...
CVE-2025-3722
A path traversal vulnerability in System Information Reporter SIR 1.0.3 and prior allowed an authenticated high privileged user to issue malicious ePO post requests to System Information Reporter, leading to creation of files anywhere on the filesystem and possibly overwriting existing files and...
CVE-2025-3722
A path traversal vulnerability in System Information Reporter SIR 1.0.3 and prior allowed an authenticated high privileged user to issue malicious ePO post requests to System Information Reporter, leading to creation of files anywhere on the filesystem and possibly overwriting existing files and...
PT-2025-26950
Name of the Vulnerable Software and Affected Versions: System Information Reporter SIR versions 1.0.3 and prior Description: A path traversal issue allows an authenticated, high-privileged user to send malicious ePO post requests, potentially creating files anywhere on the filesystem, overwriting...
PT-2025-26951
Name of the Vulnerable Software and Affected Versions: System Information Reporter versions 1.0.3 and prior Description: The issue allows a local user to manipulate the location of registry backup files by creating a junction symlink, potentially overwriting system files. This can be achieved by...
PT-2025-26952
Name of the Vulnerable Software and Affected Versions: System Information Reporter SIR versions 1.0.3 and prior Description: A sensitive information exposure issue allows an authenticated non-admin local user to extract sensitive information stored in a registry backup folder. Recommendations: Fo...
Trellix System Information Reporter 安全漏洞
Trellix System Information Reporter is a system information cell phone tool from Trellix USA. A security vulnerability exists in Trellix System Information Reporter version 1.0.3 and earlier, which stems from a sensitive information disclosure issue...