48 matches found
CVE-2025-13281
A half-blind Server Side Request Forgery SSRF vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network including link-local ...
EUVD-2020-17288
Malware in sbrugna...
EUVD-2020-17287
Malware in sbrugna...
EUVD-2012-2676
Malware in sbrugna...
CVE-2025-20364
A vulnerability in the Device Analytics action frame processing of Cisco Wireless Access Point AP Software could allow an unauthenticated, adjacent attacker to inject wireless 802.11 action frames with arbitrary information. This vulnerability is due to insufficient verification checks of incomin...
CVE-2024-47062 Multiple SQL Injections and ORM Leak in navidrome
Navidrome is an open source web-based music collection server and streamer. Navidrome automatically adds parameters in the URL to SQL queries. This can be exploited to access information by adding parameters like password=... in the URL ORM Leak. Furthermore, the names of the parameters are not...
The vulnerability of the PowerScale OneFS operating system, related to errors in processing symbolic links, allows a attacker to trigger a service failure and alter arbitrary information.
The vulnerability of the PowerScale OneFS operating system is related to errors in processing symbolic links. Exploiting this vulnerability can allow an attacker to cause service failures and alter arbitrary information...
CVE-2024-38491
CVE-2024-38491 is a SQL injection vulnerability in Broadcom Symantec Privileged Access Management (PAM) that allows an unauthenticated attacker to read arbitrary information from the PAM database. Connected sources confirm the affected product and root cause as SQL injection, with unauthenticated...
CVE-2024-0802
Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to read arbitrary information from a target product or execute malicious code on a target product by sending a specially crafted pack...
CVE-2024-0802
Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to read arbitrary information from a target product or execute malicious code on a target product by sending a specially crafted pack...
CVE-2024-0802
CVE-2024-0802 affects Mitsubishi Electric MELSEC-Q/L Series CPU modules (MELSEC-Q/L Series) and is an Incorrect Pointer Scaling vulnerability. A remote, unauthenticated attacker can read arbitrary data or execute code by sending a specially crafted packet. The NVD/ICS advisories cite a CVSS v3.1 ...
CVE-2024-0802
Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to read arbitrary information from a target product or execute malicious code on a target product by sending a specially crafted pack...
CVE-2023-2681
An SQL Injection vulnerability has been found on Jorani version 1.0.0. This vulnerability allows an authenticated remote user, with low privileges, to send queries with malicious SQL code on the "/leaves/validate" path and the “id” parameter, managing to extract arbritary information from the...
Sql injection
An SQL Injection vulnerability has been found on Jorani version 1.0.0. This vulnerability allows an authenticated remote user, with low privileges, to send queries with malicious SQL code on the "/leaves/validate" path and the “id” parameter, managing to extract arbritary information from the...
CVE-2023-2681 SQL Injection on Jorani
An SQL Injection vulnerability has been found on Jorani version 1.0.0. This vulnerability allows an authenticated remote user, with low privileges, to send queries with malicious SQL code on the "/leaves/validate" path and the “id” parameter, managing to extract arbritary information from the...
CVE-2023-2681 SQL Injection on Jorani
An SQL Injection vulnerability has been found on Jorani version 1.0.0. This vulnerability allows an authenticated remote user, with low privileges, to send queries with malicious SQL code on the "/leaves/validate" path and the “id” parameter, managing to extract arbritary information from the...
K23372179: Linux kernel vulnerability CVE-2018-6412
Security Advisory Description In the function sbusfbioctlhelper in drivers/video/fbdev/sbuslib.c in the Linux kernel through 4.15, an integer signedness error allows arbitrary information leakage for the FBIOPUTCMAPSPARC and FBIOGETCMAPSPARC commands. CVE-2018-6412 Impact There is no impact; F5...
HTTP User Agent Remote Code Execution
HTTP headers let the client and the server pass arbitrary information with an HTTP request User Agent field. A remote attacker may use the User Agent header to run arbitrary code on an affected target...
CVE-2020-12905
Out of Bounds Read in AMD Graphics Driver for Windows 10 in Escape 0x3004403 may lead to arbitrary information disclosure...
CVE-2020-12905
CVE-2020-12905 affects AMD Graphics Driver for Windows 10 (Escape 0x3004403) with an Out-of-Bounds Read that can lead to arbitrary information disclosure. Affected component is the AMD Graphics Driver; root cause is an out-of-bounds read in the Escape handling. The CVE is listed in multiple sourc...