19 matches found
CVE-2026-49191
The CVE-2026-49191 entry concerns the production build of the M3WebServer where backend API keys are hard-coded and can be intercepted via verbose error handling pages. According to the provided data, this results in a high-impact exposure affecting confidentiality, integrity, and availability (C...
CVE-2026-7058 666ghj MiroFish Inter-Process Communication simulation_ipc.py SimulationIPCClient.send_command command injection
A vulnerability has been found in 666ghj MiroFish up to 0.1.2. The impacted element is the function SimulationIPCClient.sendcommand of the file backend/app/services/simulationipc.py of the component Inter-Process Communication. Such manipulation leads to command injection. It is possible to launc...
PT-2026-4788
Name of the Vulnerable Software and Affected Versions Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.195037 Description The firmware contains an authorization flaw within the user management API. A low-privileged authenticated user can alter the administrator account passwo...
EUVD-2009-0444
Malware in sbrugna...
CVE-2025-8557
An internal product security audit of Lenovo XClarity Orchestrator LXCO discovered the below vulnerability: An attacker with access to a device on the local Lenovo XClarity Orchestrator LXCO network segment may be able to manipulate the local device to create an alternate communication channel...
GHSA-RRGF-HCR9-JQ6H TinyScientist has Path Traversal Vulnerability in PDF Review Function (CWE-22)
Description A critical path traversal vulnerability CWE-22 has been identified in the reviewpaper function in backend/app.py. The vulnerability allows malicious users to access arbitrary PDF files on the server by providing crafted file paths that bypass the intended security restrictions. Impact...
SUSE-SU-2024:2597-1 Security update for apache2
This update for apache2 fixes the following issues: - CVE-2024-36387: Fixed DoS by null pointer in websocket over HTTP/2 bsc1227272 - CVE-2024-38475: Fixed improper escaping of output in modrewrite bsc1227268 - CVE-2024-38476: Fixed server may use exploitable/malicious backend application output ...
SUSE-SU-2024:2591-1 Security update for apache2
This update for apache2 fixes the following issues: - CVE-2024-38475: Fixed improper escaping of output in modrewrite bsc1227268 - CVE-2024-38476: Fixed server may use exploitable/malicious backend application output to run local handlers via internal redirect bsc1227269...
CVE-2023-38199
coreruleset aka OWASP ModSecurity Core Rule Set through 3.3.4 does not detect multiple Content-Type request headers on some platforms. This might allow attackers to bypass a WAF with a crafted payload, aka "Content-Type confusion" between the WAF and the backend application. This occurs when the...
CVE-2023-38199
coreruleset aka OWASP ModSecurity Core Rule Set through 3.3.4 does not detect multiple Content-Type request headers on some platforms. This might allow attackers to bypass a WAF with a crafted payload, aka "Content-Type confusion" between the WAF and the backend application. This occurs when the...
CVE-2022-44731
The CVE-2022-44731 vulnerability affects Siemens SIMATIC WinCC OA Ultralight Client. The Ultralight Client backend can be injected with custom arguments under certain conditions when started via the web interface, enabling an authenticated remote attacker to inject parameters (e.g., open attacker...
Authorization
Extensible Service Proxy, a.k.a. ESP is a proxy which enables API management capabilities for JSON/REST or gRPC API services. ESPv1 can be configured to authenticate a JWT token. Its verified JWT claim is passed to the application by HTTP header "X-Endpoint-API-UserInfo", the application can use ...
U.S. Dept Of Defense: Blind stored XSS due to insecure contact form at https://█████.mil leads to leakage of session token and
Summary: I have discovered a blind stored cross site scripting vulnerability due to an insecure Contact form available here https://███████.mil/ This form does not properly sanitize user input allowing for the insertion and submission of dangerous characters such as angle brackets. I was able to...
Informatica: ..; bypass leading to tomcat scripts [Unauthenticated]
Hello all Using the technique ..; i was able to bypass the protection mechanism to access Tomcat Example Scripts hosted at https://███/. Steps to reproduce 1 - Open all URL's bellow inside your browser https://█████████/..;/examples/servlets/servlet/SessionExample | Will lead to Session...
CVE-2019-13025
Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorrect Access Control because of Improper Input Validation. The attacker can send a maliciously modified POST HTTP request containing shell commands, which will be executed on the device, to an backend API endpoint of the cable mod...
Remote Code Execution in esigate-core
esigate.org esigate version 5.2 and earlier contains a CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in ESI directive with user specified XSLT that can result in Remote Code Execution. This attack appear to be exploitable vi...
Design/Logic Flaw
esigate.org esigate version 5.2 and earlier contains a CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in ESI directive with user specified XSLT that can result in Remote Code Execution. This attack appear to be exploitable vi...
PayPal Inc BB #74 - Persistent Core Backend Vulnerability
Document Title: =============== PayPal Inc BB 74 - Persistent Core Backend Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1278 PayPal Inc Security UID: cDc49dT Vulnerability Magazine Article:...
CVE-2009-0440
IBM WebSphere Partner Gateway WPG 6.0.0 through 6.0.0.7 does not properly handle failures of signature verification, which might allow remote authenticated users to submit a crafted RosettaNet aka RNIF document to a backend application, related to 1 "altered service content" and 2 "digital...