12 matches found
PT-2026-3688
Name of the Vulnerable Software and Affected Versions: Oracle PeopleSoft versions 8.60 through 8.62 Description: A flaw exists within the Portal component of Oracle PeopleSoft Enterprise PeopleTools that allows an unauthenticated attacker with network access via HTTP to compromise the system...
EUVD-2017-14890
Malware in sbrugna...
EUVD-2024-18847
Malicious code in bioql PyPI...
WordPress Kitring Theme <= 2.8 is vulnerable to Local File Inclusion
Software: Kitring; Type: Theme; Vulnerable versions: <= 2.8; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Local File Inclusion; CVE: CVE-2025-49426; Patch priority: High; CVSS severity: High 8.1; PSID: 373cf39af191; Credits: Bonds; Required privilege: Unauthenticated; Published 20...
WordPress NetInsight Analytics Implementation Plugin <= 1.0.3 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery (CSRF) vulnerability discovered by Chu The Anh Blue Rock in WordPress Plugin NetInsight Analytics Implementation Plugin versions <= 1.0.3...
CVE-2024-32977
OctoPrint has a vulnerability (CVE-2024-32977) that allows an unauthenticated attacker to bypass authentication when autologinLocal is enabled in config.yaml on versions up to 1.10.0. The bypass occurs by spoofing the client IP with the X-Forwarded-For header, even from networks not in localNetwo...
PT-2023-13434 · Lenovo · Lenovo Printers
Name of the Vulnerable Software and Affected Versions: Lenovo Printers affected versions not specified Description: The issue allows standard users to directly operate and set printer configuration information, such as IP, in some Lenovo Printers without having to authenticate with the...
CVE-2023-28962 Junos OS: Unauthenticated access vulnerability in J-Web
An Improper Authentication vulnerability in upload-file.php, used by the J-Web component of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to upload arbitrary files to temporary folders on the device. This issue affects Juniper Networks Junos OS: All versions prior to...
CVE-2022-24038 Unauthorized modification in Karmasis Informatics Infraskope SIEM+
Karmasis Informatics Infraskope SIEM+ has an unauthenticated access vulnerability which could allow an unauthenticated attacker to damage the page where the agents are listed...
CVE-2022-24036
CVE-2022-24036 affects Karmasis Informatics Infraskope SIEM+. The vulnerability is an unauthenticated access issue that could allow an attacker to modify logs. Product name appears as Infraskope SIEM+; no vendor/version details are provided beyond the affected software. Root cause and impact ar...
CVE-2018-18007
atbox.htm on D-Link DSL-2770L devices allows remote unauthenticated attackers to discover admin credentials...
F5 rsync daemon ConfigSync interface cmi module vulnerability
Added: 09/02/2014 CVE: CVE-2014-2927 BID: 69461 OSVDB: 110595 Background: F5 BIG-IP is a suite of security, availability and acceleration products. Problem: When configured to support failover, multiple BIG-IP products are vulnerable to an unauthenticated rsync access vulnerability that can be...