18 matches found
Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Product Security and Bug Fix Update
An update is now available for Red Hat Ansible Automation Platform 2.6 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
fast-uri: fast-uri: URI authority bypass due to improper delimiter handling
A flaw was found in fast-uri. A remote attacker could exploit this vulnerability by crafting a malicious Uniform Resource Identifier URI that contains percent-encoded authority delimiters. The fast-uri library incorrectly decodes these delimiters during normalization and then re-emits them as raw...
CVE-2026-53838
OpenClaw before 2026.5.27 contains a state mutation vulnerability in node pairing reconnection that allows paired nodes to confuse approval scope decisions. Attackers can exploit reconnection logic to restore or present broader node authority than intended, potentially bypassing approval...
CVE-2026-40243
A flaw was found in Incus, a system container and virtual machine manager. The Open Virtual Network OVN database connection logic contains broken Transport Layer Security TLS validation. A remote attacker, by impersonating or intercepting the OVN endpoint on the management network, can present a...
PT-2025-49107
Name of the Vulnerable Software and Affected Versions Step CA affected versions not specified Description A critical issue in Step CA allows for unauthenticated bypass, enabling the issuance of fraudulent certificates. This compromises trust in potentially millions of sites. The issue allows...
EUVD-2015-7397
Malware in sbrugna...
EUVD-2016-0294
Malware in sbrugna...
CVE-2013-1065
backend.py in Jockey before 0.9.7-0ubuntu7.11 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a 1 setuid process or 2 pkexec process, a related...
CVE-2021-40830
The AWS IoT Device SDK v2 for Java, Python, C++ and Node.js appends a user supplied Certificate Authority CA to the root CAs instead of overriding it on Unix systems. TLS handshakes will thus succeed if the peer can be verified either from the user-supplied CA or the system’s default trust-store...
Command injection
runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass intended queue-manager command access restrictions by leveraging authority for +connect and +dsp...
CVE-2016-0259
runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass an intended +dsp authority requirement and obtain sensitive information via unspecified display commands...
CVE-2013-4326
RealtimeKit aka rtkit 0.5 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a 1 setuid process or 2 pkexec process, a related issue to...
Demium CMS 0.2.1B Multiple Vulnerabilities and Exploit
No description provided by source. Demium CMS, version 0.2.1 Beta, is prone to multiple remote vulnerabilities, because of insufficient security on it. Let's see them. In this advisory you can find vulnerabilities, afflicted source, and multiple Remote Exploit. Credits to : Giovanni Buzzin, Osiry...
Demium CMS 0.2.1B Multiple Vulnerabilities and Exploit
Exploit for unknown platform in category web applications ====================================================== Demium CMS 0.2.1B Multiple Vulnerabilities and Exploit ====================================================== Demium CMS, version 0.2.1 Beta, is prone to multiple remote vulnerabilitie...
Demium CMS 0.2.1b - Multiple Vulnerabilities
Demium CMS, version 0.2.1 Beta, is prone to multiple remote vulnerabilities, because of insufficient security on it. Let's see them. In this advisory you can find vulnerabilities, afflicted source, and multiple Remote Exploit. Credits to : Giovanni Buzzin, Osirys Contact : osirysatautisticidotorg...
Demium CMS 0.2.1 Beta LFI / SQL Injection / Disclosure
Demium CMS, version 0.2.1 Beta, is prone to multiple remote vulnerabilities, because of insufficient security on it. Let's see them. In this advisory you can find vulnerabilities, afflicted source, and multiple Remote Exploit. Credits to : Giovanni Buzzin, Osirys Contact : osirysatautisticidotorg...
Demium CMS 0.2.1b - Multiple Vulnerabilities
Demium CMS 0.2.1b - Multiple Vulnerabilities Demium CMS, version 0.2.1 Beta, is prone to multiple remote vulnerabilities, because of insufficient security on it. Let's see them. In this advisory you can find vulnerabilities, afflicted source, and multiple Remote Exploit. Credits to : Giovanni...
Hosting Controller still have dangerous bugs!
-Vulnerable versions: all HC versions. 1.Database directory travelsal: By adding slash dot dot,the user can view the files,folders located on the sytem and can add DSN out of user root directory. http://www.target.com/admin/dsn/dsnmanager.asp?...