10 matches found
EulerOS Virtualization 2.10.0 : cups (EulerOS-SA-2026-1551)
According to the versions of the cups package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a user i...
Siemens SINEC NMS and Siemens User Management Component Code Issue Vulnerability
Siemens SINEC NMS and Siemens User Management Component are both products of Siemens, a German company. Siemens SINEC NMS is a network management system that can be used for round-the-clock centralized monitoring, management, and configuration of industrial networks with tens of thousands of...
Malicious code in polymer-adag-aisihai (npm)
Source: amazon-inspector 97f95e84311cb63c5d80a051fcf8ecd0bb9723ed94602f66f4f18353218836cc. This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in abu-poke13 (npm)
Source: amazon-inspector 0a18f4668ae37ad52a0caefd4abcdaf1aeb61dfb22fde4874edb7d85f89b0ab3. This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-48940
Combodo iTop is a web based IT service management tool. In versions prior to 2.7.13 and 3.2.2, an administrator can, by editing the configuration of the iTop instance, execute code on the server. Versions 2.7.13 and 3.2.2 escape and check the config parameter before executing a command based on i...
CVE-2025-55012
CVE-2025-55012 affects Zed, a multiplayer code editor. Before version 0.197.3, the Zed Agent Panel could allow an AI agent to bypass user permission checks and trigger Remote Code Execution by creating/modifying a project-specific configuration file, enabling arbitrary commands on a victim’s mach...
PT-2021-22430 · Cachet · Cachet
Name of the Vulnerable Software and Affected Versions: Cachet versions prior to 2.5.1. Description: Cachet is an open source status page system. Authenticated users, regardless of their privileges, can exploit a new line injection in the configuration edition feature and gain arbitrary code...
PT-2019-2991 · Microsoft · Visual Studio +1
Name of the Vulnerable Software and Affected Versions: Microsoft Visual Studio (affected versions not specified); Git for Visual Studio (affected versions not specified). Description: The issue is related to errors in privilege management in the Git component of Microsoft Visual Studio. It allows an...
Arbitrary files may be overwritten in multiple VMware products
Overview: Multiple products provided by VMware Inc. contain a vulnerability where arbitrary files on the host OS may be overwritten. Shanon Olsson reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact: A user...
CVE-2007-6722
Vidalia bundle before 0.1.2.18, when running on Windows and Mac OS X, installs Privoxy with a configuration file (config.txt or config) that contains insecure (1) enable-remote-toggle and (2) enable-edit-actions settings, which allows remote attackers to bypass intended access restrictions and modify...