CVE-2025-12461

This vulnerability allows an attacker to access parts of the application that are not protected by any type of access control. The attacker could access this path ‘…/epsilonnet/License/About.aspx’ and obtain information on both the licence and the configuration of the product by knowing which...

CVE-2025-12461 Unprotected access to parts of the application in Epsilon RH by Grupo Castilla

This vulnerability allows an attacker to access parts of the application that are not protected by any type of access control. The attacker could access this path ‘…/epsilonnet/License/About.aspx’ and obtain information on both the licence and the configuration of the product by knowing which...

CVE-2025-12461 Unprotected access to parts of the application in Epsilon RH by Grupo Castilla

This vulnerability allows an attacker to access parts of the application that are not protected by any type of access control. The attacker could access this path ‘…/epsilonnet/License/About.aspx’ and obtain information on both the licence and the configuration of the product by knowing which...

CVE-2025-12461

CVE-2025-12461 affects Grupo Castilla Epsilon RH. The issue allows an attacker to access the unprotected path …/epsilonnet/License/About.aspx and disclose license details and product configuration, including installed modules. The root cause is lack of access control on that path. Impact is infor...

EUVD-2025-36637

This vulnerability allows an attacker to access parts of the application that are not protected by any type of access control. The attacker could access this path ‘…/epsilonnet/License/About.aspx’ and obtain information on both the licence and the configuration of the product by knowing which...

EUVD-2018-6869

Malware in sbrugna...

EUVD-2017-12444

Malware in sbrugna...

EUVD-2020-22681

Malware in sbrugna...

EUVD-2022-29023

Malicious code in bioql PyPI...

EUVD-2023-44261

Malicious code in bioql PyPI...

EUVD-2021-32730

Malicious code in bioql PyPI...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an improperly protected access to exptasks by the rcuprinttaskexpstall function, which could result in a nul...

Missing Authorization

org.springframework.boot is vulnerable to Missing Authorization. The vulnerability is due to incorrect request matching caused by EndpointRequest.to creating a matcher for null/ when the targeted actuator endpoint is disabled or not exposed, which allows unprotected access to the /null path...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from unprotected access to an inactive reference buffer, which could lead to reuse after release...

Moodle < 4.1.13, 4.2.x < 4.2.10, 4.3.x < 4.3.7, 4.4.x < 4.4.3 Multiple Vulnerabilities

Moodle is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:moodle:moodle"; ifdescription...

ROS-20240821-02

Vulnerability of the seg6init function in the net/ipv6/seg6.c module of the IPv6 protocol implementation of the Linux kernel is related to the reuse of previously freed memory. Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability could allow an attack...

WordPress Plugin Backup Bolt Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

PT-2024-13386 · Meross · Meross Msh30Q

Name of the Vulnerable Software and Affected Versions: Meross MSH30Q version 4.5.23 Description: The issue concerns the transmission of sensitive information in cleartext during the device setup phase. When setting up the device, it creates an unprotected Wi-Fi access point and requires the user ...

PT-2023-25434 · Govee · Govee Home

Name of the Vulnerable Software and Affected Versions: Govee Home app affected versions not specified Description: The Govee Home app has unprotected access to the WebView component, which can be opened by any app on the device. By sending a URL to a specially crafted site, an attacker can execut...

PT-2023-23138 · WordPress · Really Simple Plugins Recipe Maker For Your Food Blog From Zip Recipes

Name of the Vulnerable Software and Affected Versions: Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes plugin versions 8.0.6 and earlier Description: The issue is an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This means that an attacker can inject malicious...