34 matches found
CVE-2025-11193
A potential vulnerability was reported in some Lenovo Tablets that could allow a local authenticated user or application to gain access to sensitive device specific information...
EUVD-2020-11209
Malware in sbrugna...
EUVD-2025-14674
Malicious code in bioql PyPI...
PT-2025-22902 · Unknown · Proactivanet
Name of the Vulnerable Software and Affected Versions: ProactivaNet version 3.24.0.0 Description: A Privilege Escalation issue has been found in ProactivaNet, allowing any user to override the file panLoad.exe that will be executed by the SYSTEM user via a programmed task. This would allow an...
CVE-2022-34055
The drxhello package in PyPI v0.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...
CVE-2025-3625
A security vulnerability was discovered in Moodle that can allow hackers to gain access to sensitive information about students and prevent them from logging into their accounts, even after they had completed two-factor authentication 2FA...
CVE-2025-30217
Frappe is a full-stack web application framework. Prior to versions 14.93.2 and 15.55.0, a SQL Injection vulnerability has been identified in Frappe Framework which could allow a malicious actor to access sensitive information. Versions 14.93.2 and 15.55.0 contain a patch for the issue. No known...
CVE-2025-25333
An issue in IKEA CN iOS 4.13.0 allows attackers to access sensitive user information via supplying a crafted link...
PT-2025-8733 · Cisco · Cisco Apic
Name of the Vulnerable Software and Affected Versions: Cisco APIC affected versions not specified Description: A vulnerability in the implementation of internal system processes could allow an authenticated, local attacker to access sensitive information on an affected device. The attacker must...
CVE-2022-36302
File path manipulation vulnerability in BF-OS version 3.00 up to and including 3.83 allows an attacker to modify the file path to access different resources, which may contain sensitive information...
hornetq-core-client: Arbitrarily overwrite files or access sensitive information
A flaw was found in the createTempFile method of hornetq. Affected version of hornetq allows attackers to arbitrarily overwrite files or access sensitive information...
hornetq-core-client: Arbitrarily overwrite files or access sensitive information
A flaw was found in the createTempFile method of hornetq. Affected version of hornetq allows attackers to arbitrarily overwrite files or access sensitive information...
CVE-2024-20867
Samsung Email prior to 6.1.91.14 has an improper privilege management vulnerability (CVE-2024-20867) that allows local attackers to access sensitive information. Affected component: Samsung Email; root cause: privilege mismanagement enabling unauthorized local access. Remediation: update to versi...
UFIDA U8 Cloud suffers from SQL injection vulnerability (CNVD-2024-22710)
U8 Cloud is a digital platform for enterprises to go to the cloud, integrating transactions, services and management into a total ERP solution. A SQL injection vulnerability exists in UFIDA U8 Cloud, which can be exploited by attackers to gain access to sensitive database information...
CVE-2024-26302
ClearPass Policy Manager’s web-based management interface is affected by a vulnerability that could allow a remote attacker with low privileges to access sensitive information, potentially enabling further access to network services. The issue is addressed via Aruba Networks fixes; Aruba PSA 2024...
CVE-2024-20822
Implicit intent hijacking vulnerability in AccountActivity of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent...
RHEL 8 : postgresql:13 (RHSA-2023:7580)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7580 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: schemaelement defeats protective...
CVE-2023-30703
Improper URL validation vulnerability in Samsung Members prior to version 14.0.07.1 allows attackers to access sensitive information...
CVE-2023-0091
A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information...
Ubuntu: Security Advisory (USN-3860-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...