17 matches found
EUVD-2022-49520
Malicious code in bioql PyPI...
EUVD-2022-48044
Malicious code in bioql PyPI...
CVE-2025-33108
IBM Backup, Recovery and Media Services for i 7.4 and 7.5 could allow a user with the capability to compile or restore a program to gain elevated privileges due to a library unqualified call made by a BRMS program. A malicious actor could cause user-controlled code to run with component access to...
CVE-2025-25763
crmeb CRMEB-KY v5.4.0 and before has a SQL Injection vulnerability at getRead in /system/SystemDatabackupServices.php...
CVE-2022-45127
Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site request forgery in its backup services. An attacker could take advantage of this vulnerability to execute arbitrary backup operations and cause a denial-of-service condition...
CVE-2022-45127
Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site request forgery in its backup services. An attacker could take advantage of this vulnerability to execute arbitrary backup operations and cause a denial-of-service condition...
CVE-2022-46733
Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site scripting in its backup services. An attacker could take advantage of this vulnerability to execute arbitrary commands...
CVE-2022-46733
Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site scripting in its backup services. An attacker could take advantage of this vulnerability to execute arbitrary commands...
Cross site scripting
Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site scripting in its backup services. An attacker could take advantage of this vulnerability to execute arbitrary commands...
Cross site request forgery (csrf)
Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site request forgery in its backup services. An attacker could take advantage of this vulnerability to execute arbitrary backup operations and cause a denial-of-service condition...
CVE-2022-47911 CVE-2022-47911
Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 does not properly validate the input module name to the backup services of the software. This could allow a remote attacker to access sensitive functions of the application and execute arbitrary system...
CVE-2022-46733 CVE-2022-46733
Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site scripting in its backup services. An attacker could take advantage of this vulnerability to execute arbitrary commands...
CVE-2022-45127
CVE-2022-45127 affects Sewio’s RTLS Studio, version 2.0.0 through 2.6.2. The vulnerability is a cross-site request forgery (CSRF) in the backup services, enabling an attacker to trigger arbitrary backup operations and cause a denial-of-service condition. The issue is documented across multiple so...
CVE-2022-45127 CVE-2022-45127
Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site request forgery in its backup services. An attacker could take advantage of this vulnerability to execute arbitrary backup operations and cause a denial-of-service condition...
CVE-2022-45127 CVE-2022-45127
Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site request forgery in its backup services. An attacker could take advantage of this vulnerability to execute arbitrary backup operations and cause a denial-of-service condition...
PT-2023-15001 · Sewio · Sewio'S Real-Time Location System (Rtls) Studio
Name of the Vulnerable Software and Affected Versions: Sewio’s Real-Time Location System RTLS Studio versions 2.0.0 through 2.6.2 Description: The issue concerns cross-site scripting in the backup services of the software. An attacker could exploit this to execute arbitrary commands...
IBM SVC or IBM Storwize storage LUN can be deleted under specific circumstances
Challenge | Newly created LUNs on IBM storages that utilize the Spectrum Virtualize Software with Veeam B&RIBM SVC or IBM FlashSystem, under very specific circumstances, can be deleted by Veeam B&R. --- Cause | Spectrum Virtualize software has the ability to reuse LUN IDs, which are not set to be...