92 matches found
CVE-2026-41430
Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service SaaS. Redirect parameter on login page is vulnerable to reflected XSS. The patch in commit 16d1b6ca2559f858a1de77bcb03fd7f1b81671c6 fixes the issue by restricting...
CVE-2026-41317
Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service SaaS.press.api.account.createapisecret is prone to CSRF-like exploits. This endpoint writes to database and it is also accessible via GET method. The patch in commit...
EUVD-2019-14357
Malware in sbrugna...
EUVD-2018-12569
Malware in sbrugna...
EUVD-2019-14358
Malware in sbrugna...
CVE-2025-10716
A flaw has been found in Creality Cloud App up to 6.1.0 on Android. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.cxsw.sdprinter. Executing manipulation can lead to improper export of android application components. It is possible ...
CVE-2025-10716
A flaw has been found in Creality Cloud App up to 6.1.0 on Android. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.cxsw.sdprinter. Executing manipulation can lead to improper export of android application components. It is possible ...
CVE-2025-10716 Creality Cloud App com.cxsw.sdprinter AndroidManifest.xml improper export of android application components
A flaw has been found in Creality Cloud App up to 6.1.0 on Android. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.cxsw.sdprinter. Executing manipulation can lead to improper export of android application components. It is possible ...
CVE-2025-10716
The CVE-2025-10716 entry concerns Creality Cloud App for Android versions up to 6.1.0, affecting the AndroidManifest.xml handling of the com.cxsw.sdprinter component. The underlying issue is an improper export of android application components, which can enable a local attack on the host. Public ...
CVE-2025-10716 Creality Cloud App com.cxsw.sdprinter AndroidManifest.xml improper export of android application components
A flaw has been found in Creality Cloud App up to 6.1.0 on Android. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.cxsw.sdprinter. Executing manipulation can lead to improper export of android application components. It is possible ...
PT-2025-38539
Name of the Vulnerable Software and Affected Versions Creality Cloud App versions up to 6.1.0 Description A flaw has been found in Creality Cloud App for Android. The vulnerability is due to improper export of android application components within the AndroidManifest.xml file of the...
Creality Cloud App 安全漏洞
Creality Cloud App is a 3D printing mobile application from Creality China. A security vulnerability exists in Creality Cloud App version 6.1.0 and earlier, which stems from an improperly exported component com.cxsw.sdprinter in the file AndroidManifest.xml, which could lead to a localhost attack...
Vasion Print 代码问题漏洞
Vasion Print is a SaaS-based, cloud-hosted application from Vasion for managing and deploying printers. A security vulnerability exists in Vasion Print versions prior to 1.0.735 Application 20.0.1330 that stems from allowing the upload of dangerous types of driver files...
Harnessing the Power of Cloud App Development and DevOps for Modern Businesses
Leverage Cloud App Development and DevOps to boost business agility, scalability, and security. Optimize operations, deploy faster, and…...
Xiaomi cloud service Application 跨站脚本漏洞
Xiaomi cloud service Application is a cloud service APP from Xiaomi, a Chinese company. A cross-site scripting vulnerability exists in Xiaomi cloud service Application, which stems from a whitelist checking feature that allows loading of the javascript protocol, which can be exploited by an...
hosting.koreacloudapp.or.kr Cross Site Scripting vulnerability OBB-3216367
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Shocking Findings from the 2023 Third-Party App Access Report
Spoiler Alert: Organizations with 10,000 SaaS users that use M365 and Google Workspace average over 4,371 additional connected apps. SaaS-to-SaaS third-party app installations are growing nonstop at organizations around the world. When an employee needs an additional app to increase their...
Microsoft shifts to a comprehensive SaaS security solution
Software as a service SaaS apps are ubiquitous, hybrid work is the new normal, and protecting them and the important data they store is a big challenge for organizations. Today, 59 percent of security professionals find the SaaS sprawl challenging to manage1 and have identified cloud...
Pawtao Network Technology (Shanghai) Co., Ltd. engineering cloud APP there is a leakage of information vulnerability
The Work Study Cloud app is a mobile application designed for students in higher education institutions to manage their internships. Ltd. Engineering Cloud App has an information leakage vulnerability that can be exploited by attackers to obtain sensitive information...
Security Bulletin: Multiple vulnerabilities in Mozilla Firefox affect IBM Cloud App Management
Summary There are vulnerabilities in Mozilla Firefox used by IBM® Cloud App Management. IBM® Cloud App Management has addressed the applicable CVEs in a later version. Vulnerability Details CVEID:CVE-2020-6815 DESCRIPTION: Mozilla Firefox could allow a remote attacker to execute arbitrary code on...