CVE-2025-14265

In versions of ScreenConnect™ prior to 25.8, server-side validation and integrity checks within the extension subsystem could allow the installation and execution of untrusted or arbitrary extensions by authorized or administrative users. Abuse of this behavior could result in the execution of...

EUVD-2025-202687

In versions of ScreenConnect™ prior to 25.8, server-side validation and integrity checks within the extension subsystem could allow the installation and execution of untrusted or arbitrary extensions by authorized or administrative users. Abuse of this behavior could result in the execution of...

CVE-2025-14265 Improper server-side validation in ScreenConnect extension framework

In versions of ScreenConnect™ prior to 25.8, server-side validation and integrity checks within the extension subsystem could allow the installation and execution of untrusted or arbitrary extensions by authorized or administrative users. Abuse of this behavior could result in the execution of...

PT-2025-50611

Name of the Vulnerable Software and Affected Versions ScreenConnect versions prior to 25.8 Description The ScreenConnect server component, in versions prior to 25.8, has insufficient server-side validation and integrity checks within its extension subsystem. This allows the installation and...

CVE-2025-40771

A vulnerability has been identified in SIMATIC CP 1542SP-1 6GK7542-6UX00-0XE0 All versions V2.4.24, SIMATIC CP 1542SP-1 IRC 6GK7542-6VX00-0XE0 All versions V2.4.24, SIMATIC CP 1543SP-1 6GK7543-6WX00-0XE0 All versions V2.4.24, SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL 6AG2542-6VX00-4XE0 All versions...

EUVD-2019-9478

Malware in sbrugna...

EUVD-2025-31099

Malicious code in bioql PyPI...

CVE-2019-19885

In Bender COMTRAXX, user authorization is validated for most, but not all, routes in the system. A user with knowledge about the routes can read and write configuration data without prior authorization. This affects COM465IP, COM465DP, COM465ID, CP700, CP907, and CP915 devices before 4.2.0...

libreoffice: Static Initialization Vector Allows to Recover Passwords for Web Connections Without Knowing the Master Password

A flaw was found in LibreOffice, where the required initialization vector for encryption was always the same. Stored passwords are encrypted with a single master key provided by the user. This issue weakens the security of the encryption, making them vulnerable if an attacker has access to the...

CVE-2021-20730

Improper access control vulnerability in WSR-1166DHP3 firmware Ver.1.16 and prior and WSR-1166DHP4 firmware Ver.1.02 and prior allows an attacker to obtain configuration information via unspecified vectors...

Cisco SD-WAN vManage 输入验证错误漏洞

Cisco SD-WAN vManage is a software from Cisco that provides software-defined networking capabilities. The software provides a way to virtualize the network. Cisco SD-WAN vManage has an input validation error vulnerability that stems from insufficient input validation of certain commands by the...

Unspecified Vulnerability in CloudBees Jenkins Global Post Script Plugin

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Global Post Script Plugin is used in which a...

Cisco Meeting Server 2000 Platforms Meeting Server Software Misconfiguration Vulnerability

Cisco Meeting Server CMS 2000 Platforms is the United States of America Cisco Cisco company's set of video conferencing solutions. Meeting Server CMS Software is running in which a set of video conferencing software. A misconfiguration vulnerability exists in CMS Software in Cisco CMS 2000...

Insecure input validation in everythingform.cgi (remote command execution)

Hi All, This is Yet Another Bad Perl Script. everythingform.cgi uses a hidden field 'config' to determine where to read configuration data from. --code snippit-- .. $ConfigFile = $inconfig; .. openCONFIG, "$configdir$ConfigFile" || &Error"I can't open $ConfigFile in the ReadConfig subroutine...