9 matches found
PT-2025-50368
Name of the Vulnerable Software and Affected Versions 1Panel versions 1.10.33 through 2.0.15 Description The software contains a cross-site request forgery CSRF issue in the web port configuration functionality. The port-change endpoint does not have CSRF protections, such as anti-CSRF tokens or...
CVE-2025-13165 Digiwin|EasyFlow GP - Denial of service
EasyFlow GP developed by Digiwin has a Denial of service vulnerability, allowing unauthenticated remote attackers to send specific requests that result in denial of web service...
CVE-2025-13165
CVE-2025-13165 concerns Digiwin EasyFlow GP. The vulnerability is a Denial of Service via unauthenticated remote requests that can crash or deny the web service. The initial records attribute a high impact (availability) with network access and no privileges required, but exploitation details are...
EUVD-2021-14883
Malware in sbrugna...
EUVD-2024-16878
Malicious code in bioql PyPI...
The vulnerability of the Core server component of Oracle WebLogic Server, a software platform of Oracle Fusion Middleware, allows an attacker to disclose sensitive information and also cause service failures.
The vulnerability of the Core server component of Oracle WebLogic Server, a software platform of Oracle Fusion Middleware, exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to disclose sensitive information, as well as cause service failures...
CVE-2021-28183
The specific function in ASUS BMC’s firmware Web management page Web License configuration setting does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the...
The vulnerability of the EKOM-3000 data collection and transmission device, which arises due to insufficient verification of input data, allows a perpetrator to cause temporary service interruption of the device’s web service.
The vulnerability of the ECOOM-3000 data collection and transmission device exists due to insufficient verification of input data. Exploiting this vulnerability could allow a malicious actor to temporarily disrupt the web service of the device’s operation...
Trust the ‘Cloud’ (just make sure you have it examined first)
In the wake of Amazons Web Service disruption over the past few days we think it is important to look at the case a little closer...