EUVD-2019-15165

Malware in sbrugna...

EUVD-2022-31043

Malicious code in bioql PyPI...

CVE-2024-11120 GeoVision EOL devices - OS Command Injection

Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device. Moreover, this vulnerability has already been exploited by attackers, and we have received relat...

CVE-2019-5590

CVE-2019-5590 affects Fortinet FortiWeb 6.0.2 and earlier. The root cause is that the URL part of the report message is not encoded, enabling Cross-Site Scripting (XSS) via HTML-formatted attack reports. Potential impact: attacker may cause client-side code execution in a user’s browser. Exploita...

CVE-2019-5590

The URL part of the report message is not encoded in Fortinet FortiWeb 6.0.2 and below which may allow an attacker to execute unauthorized code or commands Cross Site Scripting via attack reports generated in HTML form...

The vulnerability of FortiWeb web applications’ network firewalls stems from the lack of protective measures for the website structure. This allows attackers to execute arbitrary code or perform arbitrary commands.

The vulnerability of FortiWeb web applications’ network firewalls exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or issue arbitrary commands using attack reports generated in HTML...

Cross-Site-Scripting (XSS) vulnerabilty in Fortiweb reports

The URL part of the report message is not encoded in Fortinet FortiWeb which may allow an attacker to execute unauthorized code or commands Cross Site Scripting via attack reports generated in HTML format...