EUVD-2021-22929

Malware in sbrugna...

EUVD-2022-34592

Malicious code in bioql PyPI...

CVE-2025-3905

CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists impacting PLC system variables that could cause an unvalidated data injected by authenticated malicious user leading to modify or read data in a victim’s browser...

CVE-2025-3112

CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause Denial of Service when an authenticated malicious user sends manipulated HTTPS Content-Length header to the webserver...

CVE-2023-37491

The ACL Access Control List of SAP Message Server - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7.54, KERNEL 7.77, RNL64UC 7.22, RNL64UC 7.22EXT, RNL64UC 7.53, KRNL64NUC 7.22, KRNL64NUC 7.22EXT, can be bypassed in certain conditions, which may enable an authenticated malicious user to enter the...

Cross site scripting

Archer Platform 6.8 before 6.12 P6 HF1 6.12.0.6.1 contains a stored XSS vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. 6.11.P4 6.11.0.4 is also a fixed release...

CVE-2022-46755

Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user can edit general client policy for which the user is not authorized...

Arbitrary file deletion

Dell Command | Monitor versions prior to 10.9 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion...

Authorization

The REST API in Archer Platform 6.x before 6.11 6.11.0.0 contains an Authorization Bypass Vulnerability. A remote authenticated malicious user could potentially exploit this vulnerability to view sensitive information. 6.10 P3 6.10.0.3 and 6.9 SP3 P4 6.9.3.4 are also fixed releases...

[SECURITY] [DLA 2710-1] rabbitmq-server security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2710-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA July 19, 2021 https://wiki.debian.org/LTS -...

Cross site scripting

Archer before 6.8 P4 6.8.0.4 contains a stored XSS vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. When application users access the corrupted data store throug...

Information disclosure

The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain an information exposure vulnerability. The Office 365 user password may get logged in a plain text format in the Office 365 connector debug log file. An authenticated...

Sql injection

RSA Web Threat Detection versions prior to 6.4, contain an SQL injection vulnerability in the Administration and Forensics applications. An authenticated malicious user with low privileges could potentially exploit this vulnerability to execute SQL commands on the back-end database to gain...

CVE-2017-2327

A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an authenticated malicious user to consume large amounts of system resources leading to a cascading denial of services...