15 matches found
CVE-2026-53838
OpenClaw before 2026.5.27 contains a state mutation vulnerability in node pairing reconnection that allows paired nodes to confuse approval scope decisions. Attackers can exploit reconnection logic to restore or present broader node authority than intended, potentially bypassing approval...
CVE-2026-40243
A flaw was found in Incus, a system container and virtual machine manager. The Open Virtual Network (OVN) database connection logic contains broken Transport Layer Security (TLS) validation. A remote attacker, by impersonating or intercepting the OVN endpoint on the management network, can present a...
PT-2025-49107
Name of the Vulnerable Software and Affected Versions: Step CA (affected versions not specified). Description: A critical issue in Step CA allows for unauthenticated bypass, enabling the issuance of fraudulent certificates. This compromises trust in potentially millions of sites. The issue allows...
EUVD-2016-0294
Malware in sbrugna...
EUVD-2015-7397
Malware in sbrugna...
CVE-2013-1065
backend.py in Jockey before 0.9.7-0ubuntu7.11 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related...
Command injection
runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass intended queue-manager command access restrictions by leveraging authority for +connect and +dsp...
CVE-2016-0259
runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass an intended +dsp authority requirement and obtain sensitive information via unspecified display commands...
CVE-2013-4326
RealtimeKit (aka rtkit) 0.5 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to...
Demium CMS 0.2.1B Multiple Vulnerabilities and Exploit
No description provided by source. Demium CMS, version 0.2.1 Beta, is prone to multiple remote vulnerabilities, because of insufficient security on it. Let's see them. In this advisory you can find vulnerabilities, afflicted source, and multiple Remote Exploit. Credits to : Giovanni Buzzin, Osiry...
Demium CMS 0.2.1b - Multiple Vulnerabilities
Demium CMS, version 0.2.1 Beta, is prone to multiple remote vulnerabilities, because of insufficient security on it. Let's see them. In this advisory you can find vulnerabilities, afflicted source, and multiple Remote Exploit. Credits to : Giovanni Buzzin, Osirys Contact : osirysatautisticidotorg...
Demium CMS 0.2.1B Multiple Vulnerabilities and Exploit
Exploit for unknown platform in category web applications. Demium CMS 0.2.1B Multiple Vulnerabilities and Exploit. Demium CMS, version 0.2.1 Beta, is prone to multiple remote vulnerabilitie...
Demium CMS 0.2.1 Beta LFI / SQL Injection / Disclosure
Demium CMS, version 0.2.1 Beta, is prone to multiple remote vulnerabilities, because of insufficient security on it. Let's see them. In this advisory you can find vulnerabilities, afflicted source, and multiple Remote Exploit. Credits to : Giovanni Buzzin, Osirys Contact : osirysatautisticidotorg...
Demium CMS 0.2.1b - Multiple Vulnerabilities
Demium CMS 0.2.1b - Multiple Vulnerabilities Demium CMS, version 0.2.1 Beta, is prone to multiple remote vulnerabilities, because of insufficient security on it. Let's see them. In this advisory you can find vulnerabilities, afflicted source, and multiple Remote Exploit. Credits to : Giovanni...
Hosting Controller still have dangerous bugs!
- Vulnerable versions: all HC versions. 1. Database directory traversal: By adding slash dot dot, the user can view the files, folders located on the system and can add DSN out of user root directory. http://www.target.com/admin/dsn/dsnmanager.asp?...