CVE-2019-25447 OrientDB 3.0.17 Cross-Site Request Forgery

OrientDB 3.0.17 GA Community Edition contains cross-site request forgery vulnerabilities that allow attackers to perform unauthorized actions by crafting malicious requests to endpoints like /database/, /command/, and /document/. Attackers can create or delete databases, modify schema classes,...

Cisco Identity Services Engine Multiple Vulnerabilities (cisco-sa-ise-multiple-vulns-O9BESWJH)

According to its self-reported version, Cisco ISE is affected by multiple vulnerabilities. - Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to conduct a reflected XSS attack against a user of the interfac...

EUVD-2017-3864

Malware in sbrugna...

EUVD-2013-6492

Malware in sbrugna...

EUVD-2021-6720

Malicious code in bioql PyPI...

EUVD-2022-46524

Malicious code in bioql PyPI...

EUVD-2023-24339

Malicious code in bioql PyPI...

EUVD-2022-25891

Malicious code in bioql PyPI...

EUVD-2021-6815

Malicious code in bioql PyPI...

EUVD-2021-6631

Malicious code in bioql PyPI...

EUVD-2021-6922

Malicious code in bioql PyPI...

EUVD-2021-6759

Malicious code in bioql PyPI...

EUVD-2022-38757

Malicious code in bioql PyPI...

EUVD-2022-25885

Malicious code in bioql PyPI...

CVE-2022-20838

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. These vulnerabilities are due t...

CVE-2022-20872

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. These vulnerabilities are due t...

CVE-2012-4609

The web interface in EMC RSA NetWitness Informer before 2.0.5.6 allows remote attackers to conduct clickjacking attacks via unspecified vectors...

CVE-2011-4436

Multiple cross-site scripting XSS vulnerabilities in the administrative web interface on the Dell KACE K2000 System Deployment Appliance allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

PT-2025-22343 · Echarge Hardy Barth · Cph2 / Cpp2 Charging Stations

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue concerns several scripts in the web interface that are accessible via undocumented hard-coded credentials. These scripts provide access to additional administrative and debug...

CVE-2024-28027

Three OS command injection vulnerabilities exist in the web interface I/O configuration functionality of MC Technologies MC LR Router 2.10.5. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these...