260 matches found
EUVD-2017-15756
Malware in sbrugna...
EUVD-2017-14113
Malware in sbrugna...
EUVD-2016-10663
Malware in sbrugna...
U.S. Dept Of Defense: Reflected Cross-Site Scripting (XSS)
A reflected cross-site scripting XSS vulnerability was discovered. An attacker could have crafted a URL that, when visited, would have triggered a JavaScript alert function, confirming the vulnerability. The vulnerability was present in the affected system. No further details about the affected...
CVE-2019-13575
A SQL injection vulnerability exists in WPEverest Everest Forms plugin for WordPress through 1.4.9. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via includes/evf-entry-functions.php...
openSUSE Security Advisory (SUSE-SU-2025:01596-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-5908-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-37301
Document Merge Service (versions ≤ 6.5.1) is vulnerable to remote code execution via server-side template injection (SSTI). The root cause is insufficient input sanitization/validation in template handling, allowing an attacker to execute code with the document-merge-server user (UID 901) and pot...
PT-2024-4986 · Microsoft · Brokering File System +1
Name of the Vulnerable Software and Affected Versions: Microsoft Brokering File System affected versions not specified Description: The issue is related to insecure privilege management in the Microsoft Brokering File System, which can be exploited to elevate privileges. This could allow an...
Adobe Acrobat Reader Input Validation Error Vulnerability (CNVD-2024-12461)
Adobe Acrobat Reader is a PDF viewer from the American company Audobee Adobe. The software is used to print, sign and annotate PDF. An input validation error vulnerability exists in Adobe Acrobat Reader. An attacker could exploit this vulnerability to compromise an affected system...
CVE-2023-48665
Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability leading to the execution of arbitrary OS commands on the affected system...
CVE-2023-48663
Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability leading to the execution of arbitrary OS commands on the affected system...
mun-maskinonge.ca Improper Access Control vulnerability OBB-3789420
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2023-41718
When a particular process flow is initiated, an attacker may be able to gain unauthorized elevated privileges on the affected system when having control over a specific file...
Microsoft Office Graphics Elevation of Privilege Vulnerability (Oct 2023) - Mac OS X
This host is missing an important security update for Microsoft Office 2019 for Mac according to Microsoft security update October 2023 SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holder...
CVE-2023-20227
A vulnerability in the Layer 2 Tunneling Protocol L2TP feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper handling of certain L2TP packets. An attacker could explo...
PT-2023-5131 · Microsoft · Windows Mshtml Platform +2
Name of the Vulnerable Software and Affected Versions: Windows MSHTML Platform affected versions not specified Description: The issue is related to errors in security settings, allowing an attacker to bypass existing security restrictions. This can enable attackers to affect the system. There is ...
CVE-2023-20238
A vulnerability in the single sign-on SSO implementation of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to forge the credentials required to access an affected system. This vulnerability is due to th...
PT-2023-4775 · Microsoft · Office Onenote
Name of the Vulnerable Software and Affected Versions: Microsoft OneNote affected versions not specified Description: The issue is related to errors in the representation of information by the user interface, which can be exploited by a remote attacker to conduct spoofing attacks. This allows...
K41101201: Linux kernel vulnerability CVE-2017-18203
Security Advisory Description The dmgetfromkobject function in drivers/md/dm.c in the Linux kernel before 4.14.3 allow local users to cause a denial of service BUG by leveraging a race condition with dmdestroy during creation and removal of DM devices. CVE-2017-18203 Impact Traffix SDC This...