156 matches found
CVE-2022-50927 Cyclades Serial Console Server 3.3.0 - Local Privilege Escalation
Cyclades Serial Console Server 3.3.0 contains a local privilege escalation vulnerability due to overly permissive sudo privileges for the admin user and admin group. Attackers can exploit the default user configuration to gain root access by manipulating system binaries and leveraging unrestricte...
CVE-2022-50927 Cyclades Serial Console Server 3.3.0 - Local Privilege Escalation
Cyclades Serial Console Server 3.3.0 contains a local privilege escalation vulnerability due to overly permissive sudo privileges for the admin user and admin group. Attackers can exploit the default user configuration to gain root access by manipulating system binaries and leveraging unrestricte...
PT-2026-2403
Name of the Vulnerable Software and Affected Versions Cyclades Serial Console Server version 3.3.0 Description The Cyclades Serial Console Server has a local privilege escalation issue. The problem stems from overly permissive sudo privileges granted to the admin user and admin group. An attacker...
CVE-2025-64759
CVE-2025-64759 affects Homarr before version 1.43.3, where a stored XSS flaw allows executing arbitrary JavaScript in a user’s browser via a malicious uploaded SVG. If an administrator views the page rendering or redirecting to the SVG, an attacker could add their account to the "credentials-admi...
CVE-2025-64759 Homarr is Vulnerable to Stored Cross-Site Scripting (XSS) and Possible Privilege Escalation via Malicious SVG Upload
Homarr is an open-source dashboard. Prior to version 1.43.3, stored XSS vulnerability exists, allowing the execution of arbitrary JavaScript in a user's browser, with minimal or no user interaction required, due to the rendering of a malicious uploaded SVG file. This could be abused to add an...
EUVD-2001-1221
Malware in sbrugna...
EUVD-2017-5906
Malware in sbrugna...
EUVD-2017-11564
Malware in sbrugna...
EUVD-2022-30290
Malicious code in bioql PyPI...
EUVD-2024-52998
Malicious code in bioql PyPI...
EUVD-2024-2296
Malicious code in bioql PyPI...
EUVD-2024-49310
Malicious code in bioql PyPI...
EUVD-2023-50319
Malicious code in bioql PyPI...
EUVD-2023-30746
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2016-2860
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The newEntry function in ptserver/ptprocs.c in OpenAFS before 1.6.17 allows remote authenticated users from foreign Kerberos realms to bypass intended access...
Linux Distros Unpatched Vulnerability : CVE-2023-6477
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab EE affecting all versions starting from 16.5 before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions...
CVE-2025-6250 Privilege Management for Windows - Elevation of Privilege
Prior to 25.4.270.0, when wmic.exe is elevated with a full admin token the user can stop the Defendpoint service, bypassing anti-tamper protections. Once the service is disabled, the malicious user can add themselves to Administrators group and run any process with elevated permissions...
MRCMS 安全漏洞
MRCMS is a content management system by the individual developers at marker. A security vulnerability exists in MRCMS version 3.1.2, which stems from mishandling of the component /admin/group/save.do, which could lead to a cross-site scripting attack...
CVE-2025-50581
MRCMS v3.1.2 was discovered to contain a cross-site scripting XSS vulnerability via the component /admin/group/save.do...
CVE-2024-42604
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/admingroup.php?mode=deleteid=3...