65 matches found
Sonatype Nexus Repository Manager 3 - Local File Inclusion
Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read system files. Fixed in version 3.68.1. id: CVE-2024-4956 info: name: Sonatype Nexus Repository Manager 3 - Local File Inclusion author: ritikchaddha severity: high description: | Path Traversal in Sonatype...
CVE-2021-27597
SAP NetWeaver AS for ABAP RFC Gateway, versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73,7.77,7.81,7.82,7.83, allows an unauthenticated attacker without specific knowledge of the system to send a...
CVE-2021-27632
SAP NetWeaver ABAP Server and ABAP Platform Enqueue Server, versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73, allows an unauthenticated attacker without specific knowledge of the system to send a...
Microsoft Windows SMB Client Improper Access Control Vulnerability
Microsoft Windows SMB Client contains an improper access control vulnerability that could allow for privilege escalation. An attacker could execute a specially crafted malicious script to coerce the victim machine to connect back to the attack system using SMB and authenticate...
CVE-2025-35061
Newforma Info Exchange NIX '/NPCSRemoteWeb/LegacyIntegrationServices.asmx' allows a remote, unauthenticated attacker to cause NIX to make an SMB connection to an attacker-controlled system. The attacker can capture the NTLMv2 hash of the user-configured NIX service account...
EUVD-2019-4252
Malware in sbrugna...
EUVD-2020-28711
Malware in sbrugna...
EUVD-2017-8496
Malware in sbrugna...
EUVD-2023-27780
Malicious code in bioql PyPI...
EUVD-2023-25031
Malicious code in bioql PyPI...
EUVD-2021-28750
Malicious code in bioql PyPI...
EUVD-2022-41846
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-3506
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds OOB memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions before 5.12.0-rc4. A bounds check failure...
CVE-2025-24224
The issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.9, macOS Sequoia 15.5, macOS Ventura 13.7.7, tvOS 18.5, visionOS 2.5, watchOS 11.5. A remote attacker may be able to cause unexpected system termination...
CVE-2025-41673
A high privileged remote attacker can execute arbitrary system commands via POST requests in the sendsms action due to improper neutralization of special elements used in an OS command...
CVE-2025-41677
A high privileged remote attacker can exhaust critical system resources by sending specifically crafted POST requests to the send-mail action in fast succession...
CVE-2025-41673
A high privileged remote attacker can execute arbitrary system commands via POST requests in the sendsms action due to improper neutralization of special elements used in an OS command...
CVE-2023-39289
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2208.101 could allow an unauthenticated attacker to conduct an account enumeration attack due to improper configuration. A successful exploit could allow an attacker to access system information...
CVE-2025-27078
A vulnerability in a system binary of AOS-8 Instant and AOS-10 AP could allow an authenticated remote attacker to inject commands into the underlying operating system while using the CLI. Successful exploitation could lead to complete system compromise...
CVE-2025-27079
A vulnerability in the file creation process on the command line interface of AOS-8 Instant and AOS-10 AP could allow an authenticated remote attacker to perform remote code execution RCE. Successful exploitation could allow an attacker to execute arbitrary operating system commands on the...