132 matches found
CVE-2025-64055
An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local network to access administrative functions of the device e.g. file upload, firmware update, reboot... via a crafted authentication bypass...
PT-2025-48998
Name of the Vulnerable Software and Affected Versions Fanvil x210 V2 version 2.12.20 Description An issue exists in Fanvil x210 V2 version 2.12.20 that allows unauthenticated attackers on the local network to access administrative functions of the device. These functions include file upload,...
CVE-2025-64055
CVE-2025-64055 affects Fanvil x210 V2 (firmware 2.12.20). The issue is an unauthenticated authentication bypass on the local network that enables access to administrative functions such as file upload, firmware update, and reboot. The root cause is a crafted bypass that bypasses authentication, g...
CVE-2025-51682
mJobtime 15.7.2 handles authorization on the client side, which allows an attacker to modify the client-side code and gain access to administrative features. Additionally, they can craft requests based on the client-side code to call these administrative functions directly...
CVE-2025-51682
mJobtime 15.7.2 handles authorization on the client side, which allows an attacker to modify the client-side code and gain access to administrative features. Additionally, they can craft requests based on the client-side code to call these administrative functions directly...
CVE-2025-0504 Black Duck SCA Project Privilege Escalation
Black Duck SCA versions prior to 2025.10.0 had user role permissions configured in an overly broad manner. Users with the scoped Project Manager user role with the Global User Read access permission enabled access to certain Project Administrator functionalities which should have be inaccessible...
CVE-2025-6892
CVE-2025-6892, -6893, and -6894 relate to Moxa network security devices. The connected Red Hat advisories describe a set of API/authorization flaws in Moxa appliances: (CVE-2025-6892) an Incorrect Authorization flaw in API authentication that allows unauthorized privileged operations after login;...
CVE-2025-11171
The Chartify – WordPress Chart Plugin for WordPress is vulnerable to Missing Authentication for Critical Function in all versions up to, and including, 3.5.9. This is due to the plugin registering an unauthenticated AJAX action that dispatches to admin-class methods based on a request parameter,...
CVE-2025-11171
The Chartify – WordPress Chart Plugin for WordPress is vulnerable to Missing Authentication for Critical Function in all versions up to, and including, 3.5.9. This is due to the plugin registering an unauthenticated AJAX action that dispatches to admin-class methods based on a request parameter,...
CVE-2025-11171 Chartify – WordPress Chart Plugin <= 3.5.9 - Missing Authentication for Administrative Function
The Chartify – WordPress Chart Plugin for WordPress is vulnerable to Missing Authentication for Critical Function in all versions up to, and including, 3.5.9. This is due to the plugin registering an unauthenticated AJAX action that dispatches to admin-class methods based on a request parameter,...
EUVD-2018-18724
Malware in sbrugna...
EUVD-2008-5285
Malware in sbrugna...
EUVD-2008-3023
Malware in sbrugna...
EUVD-2008-0339
Malware in sbrugna...
EUVD-2022-45511
Malicious code in bioql PyPI...
EUVD-2024-54833
Malicious code in bioql PyPI...
EUVD-2025-27195
Malicious code in bioql PyPI...
EUVD-2024-18153
Malicious code in bioql PyPI...
EUVD-2024-16584
Malicious code in bioql PyPI...
EUVD-2023-42712
Malicious code in bioql PyPI...