230 matches found
CVE-2026-8800
Incorrect Authorization vulnerability in Progress MOVEit Transfer Audit User module. This issue affects MOVEit Transfer: before 2025.0.7, from 2025.1.0 before 2025.1.3...
CVE-2026-8800
Incorrect Authorization vulnerability in Progress MOVEit Transfer Audit User module. This issue affects MOVEit Transfer: before 2025.0.7, from 2025.1.0 before 2025.1.3...
EUVD-2026-42384
Incorrect Authorization vulnerability in Progress MOVEit Transfer Audit User module. This issue affects MOVEit Transfer: before 2025.0.7, from 2025.1.0 before 2025.1.3...
PT-2026-56573
Name of the Vulnerable Software and Affected Versions MOVEit Transfer versions prior to 2025.0.7 MOVEit Transfer versions 2025.1.0 through 2025.1.2 Description An incorrect authorization issue exists within the Audit User module, which may allow unauthorized access or actions. Recommendations...
EUVD-2026-11706
The Honeywell IQ4x building management controller, exposes its full web-based HMI without authentication in its factory-default configuration. With no user module configured, security is disabled by design and the system operates under a System Guest level 100 context, granting read/write...
CVE-2021-47917
CVE-2021-47917 affects Simple CMS 2.1. It describes a persistent cross-site scripting (XSS) vulnerability in user input parameters that attackers can inject via the newUser and editUser modules. The injected scripts can execute on the user list preview, potentially leading to session hijacking an...
PT-2026-5562
Simple CMS 2.1 contains a persistent cross-site scripting vulnerability in user input parameters that allows remote attackers to inject malicious script code. Attackers can exploit the newUser and editUser modules to inject persistent scripts that execute on user list preview, potentially leading...
Astra Linux – Vulnerability in ansible-core
A flaw was discovered in Ansible. The ansible-core user module allows an unprivileged user to silently create or replace the contents of any file on any system path, and to take ownership of that file when a privileged user executes the user module against the unprivileged user’s home directory. ...
CVE-2023-49244
Permission management vulnerability in the multi-user module. Successful exploitation of this vulnerability may affect service confidentiality...
Insertion of Sensitive Information into Log File
Overview ansible is a simple IT automation system. Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File via the community.general.keycloakuser module due to exposing the credentials.value field in verbose output. An attacker can obtain sensitive...
Remote Code Execution (RCE)
Dolibarr is vulnerable to Remote Code Execution RCE. The vulnerability is due to improper handling of the computed field parameter in the User module configuration, which allows an attacker to inject malicious input and execute arbitrary code...
EUVD-2025-44060
Cross-Site Request Forgery CSRF in SourceCodester Product Expiry Management System. The User Management module delete-user.php allows remote attackers to delete arbitrary user accounts via forged cross-origin GET requests because the endpoint relies solely on session cookies and lacks CSRF...
EUVD-2012-3783
Malware in sbrugna...
EUVD-2019-3484
Malware in sbrugna...
EUVD-2017-0002
Malware in sbrugna...
EUVD-2012-1322
Malware in sbrugna...
EUVD-2019-3485
Malware in sbrugna...
EUVD-2018-0017
Malware in sbrugna...
EUVD-2012-3752
Malware in sbrugna...
EUVD-2008-4771
Malware in sbrugna...