104 matches found
EUVD-2026-28385
Wallos is an open-source, self-hostable personal subscription tracker. In versions 4.8.4 and prior, the webhook notification feature reuses an administrator-configured local-target allowlist for every logged-in user. Any normal user can fully control a webhook URL, headers, and body, then use...
CVE-2026-41689
Wallos is an open-source, self-hostable personal subscription tracker. In versions 4.8.4 and prior, the webhook notification feature reuses an administrator-configured local-target allowlist for every logged-in user. Any normal user can fully control a webhook URL, headers, and body, then use...
EUVD-2020-26041
Malware in sbrugna...
EUVD-2024-31920
Malicious code in bioql PyPI...
Siemens Totally Integrated Automation Portal (TIA Portal) Buffer Overflow Vulnerability
Totally Integrated Automation Portal (TIA Portal) is an integrated automation platform that provides a full suite of digital automation services from digital planning to integrated engineering and transparent operations. TIA Portal is designed to reduce time-to-market, improve plant productivity an...
The vulnerabilities of the Analyst component, Web Player, and Automation Services of the Spotfire Analyst platform, as well as the Spotfire Server and AWS Spotfire for AWS Marketplace analytical platforms, allow attackers to execute arbitrary code.
The vulnerabilities of the Analyst component, Web Player, and Automation Services of the Spotfire Analyst platform, as well as the Spotfire Server and the analytics platform based on cloud services AWS Spotfire for AWS Marketplace, are related to insufficient validation of input data. Exploiting...
CVE-2024-3330
Vulnerability in Spotfire Spotfire Analyst, Spotfire Spotfire Server, Spotfire Spotfire for AWS Marketplace allows In the case of the installed Windows client: Successful execution of this vulnerability will result in an attacker being able to run arbitrary code. This requires human interaction fr...
CVE-2024-3330 Spotfire Remote Code Execution Vulnerability
Vulnerability in Spotfire Spotfire Analyst, Spotfire Spotfire Server, Spotfire Spotfire for AWS Marketplace allows In the case of the installed Windows client: Successful execution of this vulnerability will result in an attacker being able to run arbitrary code. This requires human interaction fr...
CVE-2024-3330 Spotfire Remote Code Execution Vulnerability
Vulnerability in Spotfire Spotfire Analyst, Spotfire Spotfire Server, Spotfire Spotfire for AWS Marketplace allows In the case of the installed Windows client: Successful execution of this vulnerability will result in an attacker being able to run arbitrary code. This requires human interaction fr...
PT-2024-4654 · Tibco · Spotfire For Aws Marketplace +2
Name of the Vulnerable Software and Affected Versions: Spotfire Analyst versions 12.0.9 through 12.5.0 Spotfire Analyst versions 14.0 through 14.0.2 Spotfire Server versions 12.0.10 through 12.5.0 Spotfire Server versions 14.0 through 14.0.3 Spotfire Server versions 14.2.0 through 14.3.0 Spotfire...
Unspecified Vulnerability in Siemens User Management Component (UMC)
Opcenter Quality is a quality management system (QMS) that enables organizations to safeguard compliance, optimize quality, reduce the cost of defects and rework, and achieve operational excellence by improving process stability. SIMATIC PCS neo is a distributed control system (DCS). The SINUMERIK...
Siemens User Management Component (UMC) Cross-Site Scripting Vulnerability
Opcenter Quality is a quality management system (QMS) that enables organizations to safeguard compliance, optimize quality, reduce the cost of defects and rework, and achieve operational excellence by improving process stability. SIMATIC PCS neo is a distributed control system (DCS). The SINUMERIK...
The vulnerability of the API interface of the analytics and automation platform for working with Cisco Nexus Dashboard cloud networks allows a hacker to execute arbitrary commands with root privileges.
The vulnerability of the API interface of the Cisco Nexus Dashboard platform’s analytics and automation services for cloud-based data centers is related to the lack of authentication for a critical function. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands with...
Description of the security update for SharePoint Enterprise Server 2016: January 11, 2022 (KB5002113)
Description of the security update for SharePoint Enterprise Server 2016: January 11, 2022 (KB5002113). Summary: This security update resolves a Microsoft Word remote code execution vulnerability, Microsoft Office remote code execution vulnerability, and Microsoft SharePoint Server remote code...
The vulnerability of Microsoft Office packages, Microsoft Office Online Server, Microsoft Office Web Apps Server, Word Automation Services, and the Microsoft Word text editor arises from allowing operations beyond the buffer boundaries, enabling attackers to execute arbitrary code.
The vulnerability of Microsoft Office packages, Microsoft Office Online Server, Microsoft Office Web Apps Server, Word Automation Services, and the Microsoft Word text editor is related to the execution of operations outside of the buffer boundaries. Exploitation of this vulnerability could allow...
Description of the security update for SharePoint Server 2019: April 14, 2020
Description of the security update for SharePoint Server 2019: April 14, 2020. Summary: This security update resolves remote code execution vulnerabilities that exist in Microsoft SharePoint if the software does not check the source markup of an application package. To learn more about these...
MS15-081: Description of the security update for Word Automation Services on SharePoint Server 2013: August 11, 2015
Resolves vulnerabilities in Office that could allow remote code execution if a user opens a specially crafted Office file. Summary: This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more...
MS15-033: Description of the security update for SharePoint Server 2013 Word Automation Services: April 14, 2015
Resolves vulnerabilities in Microsoft Office that could allow remote code execution if an attacker convinces a user to open or preview a specially crafted Microsoft Word file in an affected version of Office. Introduction: This security update resolves vulnerabilities in Microsoft Office that could...
MS15-046: Description of the security update for SharePoint Server 2013 Word Automation Services: May 12, 2015
Resolves vulnerabilities in Microsoft Office that could allow remote code execution if an attacker convinces a user to open or preview a specially crafted Microsoft Word file in an affected version of Office. Introduction: This security update resolves vulnerabilities in Microsoft Office that could...
MS16-107: Description of the security update for Word Automation Services on SharePoint Server 2013: September 13, 2016
MS16-107: Description of the security update for Word Automation Services on SharePoint Server 2013: September 13, 2016. Summary: This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more...