8 matches found
EUVD-2025-9670
Malicious code in bioql PyPI...
CVE-2025-8434
A vulnerability was found in code-projects Online Movie Streaming 1.0. It has been classified as critical. Affected is an unknown function of the file /admin.php. The manipulation of the argument ID leads to missing authorization. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-32859
A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'LockWebServerGatewaySettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to...
CVE-2024-12901
A vulnerability classified as critical was found in FoxCMS up to 1.2. Affected by this vulnerability is an unknown functionality of the file /app/api/controller/Site.php of the component API Endpoint. The manipulation of the argument password leads to improper authorization. The attack can be...
SUSE-SU-2022:3710-1 Security update for multipath-tools
This update for multipath-tools fixes the following issues: - CVE-2022-41973: Fixed a symlink attack in multipathd. bsc1202739 - CVE-2022-41974: Fixed an authorization bypass issue in multipathd. bsc1202739 - multipathd: add 'forcereconfigure' option bsc1189551 The command 'multipathd...
SUSE-SU-2022:3707-1 Security update for multipath-tools
This update for multipath-tools fixes the following issues: - CVE-2022-41973: Fixed a symlink attack in multipathd. bsc1202739 - CVE-2022-41974: Fixed an authorization bypass issue in multipathd. bsc1202739 - Avoid linking to libreadline to avoid licensing issue bsc1202616 - Fix that some zfcp...
MGASA-2019-0147 Updated mariadb packages fix security vulnerability
Vulnerability in the MariaDB Server component of MariaDB subcomponent: Server: Optimizer. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MariaDB Server. Successful attacks of this vulnerability can result in unauthorized...
CVE-2017-14007
An Insufficient Session Expiration issue was discovered in ProMinent MultiFLEX M10a Controller web interface. The user's session is available for an extended period beyond the last activity, allowing an attacker to reuse an old session for authorization...