EUVD-2018-19495

Malware in sbrugna...

CVE-2024-7045 Improper Access Control in open-webui/open-webui

In version v0.3.8 of open-webui/open-webui, improper access control vulnerabilities allow an attacker to view any prompts. The application does not verify whether the attacker is an administrator, allowing the attacker to directly call the /api/v1/prompts/ interface to retrieve all prompt...

Schneider Electric Patches XML Vulnerability In Software

Schneider Electric on Tuesday issued fixes for a vulnerability in its SoMachine Basic software, which could result in the disclosure and retrieval of arbitrary data. The software in question is used to develop code for programmable logic controllers. Attackers can leverage a vulnerability within...

Cimetrics BACnet Explorer 4.0 XXE Injection

Cimetrics BACnet Explorer 4.0 XXE Vulnerability Vendor: Cimetrics, Inc. Product web page: https://www.cimetrics.com Affected version: 4.0.0.0 Summary: The BACnet Explorer is a BACnet client application that helps auto discover BACnet devices. Desc: BACnetExplorer suffers from an XML External Enti...

EMC Secure Remote Services Virtual Edition Provisioning component is affected by SQL injection

------------------------------------------------------------------------ EMC Secure Remote Services Virtual Edition Provisioning component is affected by SQL injection ------------------------------------------------------------------------ Han Sahin, November 2014...

mySeatXT 0.164 SQL Injection

------------------------------------------------------------------------ Software................mySeatXT 0.164 Vulnerability...........SQL Injection Download................http://sourceforge.net/projects/coursems Release Date............2/16/2011 Tested On...............Windows Vista + XAMPP...