EUVD-2019-5200

Malware in sbrugna...

CVE-2025-55106

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in th...

CVE-2024-45367

CVE-2024-45367 affects Optigo Networks’ ONS-S8 – Spectra Aggregation Switch. The web server contains an incomplete authentication process that can allow an attacker to authenticate without a password. Affected firmware: 1.3.7 and earlier. The issue is categorized as weak authentication (CWE-1390)...

ROS-20240711-04

A vulnerability in the github.com/containers/image library is related to the fact that an attacker can initiate unexpected authenticated registry accesses on behalf of a victim user. Exploitation of the vulnerability could allow an attacker acting remotely to cause resource depletion, local path...

CVE-2023-38029 Saho ADM100&ADM-100FP - Arbitrary File Upload

Saho’s attendance devices ADM100 and ADM-100FP has insufficient filtering for special characters and file type within their file uploading function. A unauthenticate remote attacker authenticated can upload and execute arbitrary files to perform arbitrary system commands or disrupt service...

DirectAdmin Multiple Cross Site Scription

Aria-Security Team Advisory www.Aria-security.Com For English www.Aria-Security.net For Persian Original Advisory : http://aria-security.net/advisory/directadmin.txt ----------------------------------------------------------- Software: DirectAdmin V1.28.1 DirectAdmin level used : Admin level PoC:...