13 matches found
EUVD-2020-12482
Malware in sbrugna...
EUVD-2024-15806
Malicious code in bioql PyPI...
CVE-2024-0003
A condition exists in FlashArray Purity whereby a malicious user could use a remote administrative service to create an account on the array allowing privileged access...
CVE-2024-0003
CVE-2024-0003 affects Pure Storage FlashArray Purity. The issue: a malicious user could use a remote administrative service to create an account on the array, granting privileged access. Documented impact includes high confidentiality, integrity, and availability concerns with a network attack ve...
CVE-2020-1614
A Use of Hard-coded Credentials vulnerability exists in the NFX250 Series for the vSRX Virtual Network Function VNF instance, which allows an attacker to take control of the vSRX VNF instance if they have the ability to access an administrative service e.g. SSH on the VNF, either locally, or...
CVE-2020-1614 NFX250 Series: Hardcoded credentials in the vSRX VNF instance.
A Use of Hard-coded Credentials vulnerability exists in the NFX250 Series for the vSRX Virtual Network Function VNF instance, which allows an attacker to take control of the vSRX VNF instance if they have the ability to access an administrative service e.g. SSH on the VNF, either locally, or...
REDDOX Multiple Vulnerabilities
REDDOXX Appliance is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:reddoxx:reddoxappliance";...
Microsoft Machine Debug Manager (mdm) DLL Hijacking
Microsoft Machine Debug Manager mdm DLL side loading vulnerability Vulnerability: DLL Hijacking / DLL Side Loading Advisory URL: https://ipositivesecurity.com/2017/06/15/microsoft-machine-debug-manager-mdm-insecure-library-loading-allows-code-execution/ ------------------------ ABOUT...
SQL Injection Vulnerability in DeptId Parameter of Wave Software Administrative Services System
The Administrative Service System ASS is a comprehensive administrative service system that integrates information and consultation, approval and charging, management and coordination, and complaints and supervision. A SQL injection vulnerability exists in the DeptId parameter of the administrati...
SQL Injection Vulnerability in InfoId Parameter of Wave Software Administrative Service System
The Administrative Service System ASS is a comprehensive administrative service system that integrates information and consultation, approval and charging, management and coordination, and complaints and supervision. A SQL injection vulnerability exists in the InfoId parameter of the administrati...
SQL Injection Vulnerability in TypeID Parameter of Wave Software Administrative Services System
The Administrative Service System ASS is a comprehensive administrative service system that integrates information and consultation, approval and charging, management and coordination, and complaints and supervision. A SQL injection vulnerability exists in the TypeID parameter of the administrati...
SQL Injection Vulnerability in id Parameter of Wave Software Administrative Services System
The Administrative Service System ASS is a comprehensive administrative service system that integrates information and consultation, approval and charging, management and coordination, and complaints and supervision. A SQL injection vulnerability exists in the id parameter of the administrative...
SQL Injection Vulnerability in dicCode Parameter of Wave Software Administrative Services System
The Administrative Service System ASS is a comprehensive administrative service system that integrates information and consultation, approval and charging, management and coordination, and complaints and supervision. A SQL injection vulnerability exists in the dicCode parameter of the...