26 matches found
CVE-2021-31427
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.5-47309. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw...
EUVD-2021-18369
Malware in sbrugna...
EUVD-2018-19654
Malware in sbrugna...
EUVD-2018-19672
Malware in sbrugna...
EUVD-2018-3463
Malware in sbrugna...
EUVD-2012-0272
Malware in sbrugna...
EUVD-2025-15414
Malicious code in bioql PyPI...
CVE-2025-36605
Dell Unity, versions 5.5 and prior, contains an Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'. An unauthenticated attacker with remote access could...
CVE-2025-8226
A vulnerability was found in yanyutao0402 ChanCMS up to 3.1.2. It has been classified as problematic. Affected is an unknown function of the file /sysApp/find. The manipulation of the argument accessKey/secretKey leads to information disclosure. It is possible to launch the attack remotely. The...
CVE-2022-42389
This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2020-10613
Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to disclose sensitive information due to the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. Authentication is no...
CVE-2025-30347
Varnish Enterprise before 6.0.13r13 allows remote attackers to obtain sensitive information via an out-of-bounds read for range requests on ephemeral MSE4 stevedore objects...
CVE-2023-23875
creationtimestamp| type| source ---|---|--- 2023-05-03 20:31:07+00:00| seen| https://t.me/cibsecurity/63232...
CVE-2022-42454 HCL BigFix Insights for Vulnerability Remediation (IVR) is vulnerable to improper certificate validation
Insights for Vulnerability Remediation IVR is vulnerable to man-in-the-middle attacks that may lead to information disclosure. This requires privileged network access...
[SECURITY] [] python-django security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3177-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb November 04, 2022 https://wiki.debian.org/LTS -...
Timing Attack
ibexa/core is vulnerable to timing attacks. The vulnerability exists because the library uses random execution time, which is not a secure enough algorithm to be used when authenticating users into the system, resulting in sensitive user information disclosure...
CVE-2021-27769
Information leakage occurs when a website reveals information that could aid an attacker to further exploit the system. This information may or may not be sensitive and does not automatically mean a breach is likely to occur. Overall, any information that could be used for an attack should be...
MGASA-2021-0398 Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.10.56 and fixes at least the following security issues: In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection...
Debian: Security Advisory (DLA-2692-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2020-0333 Updated kernel packages fix security vulnerability
This provides an update to kernel 5.7 series, currently based on upstream 5.7.14 adding support for new hardware and features, and fixes at least the following security issues: An issue was discovered in the Linux kernel through 5.3.9. There is a use-after-free when aalabelparse fails in...