21 matches found

ATTACKERKB
added 2026/03/05 2:24 a.m. · 4 views

CVE-2026-26033

UPS Multi-UPS Management Console MUMC version 01.06.0001 A03 contains an Unquoted Search Path or Element CWE-428 vulnerability, which allows a user with write access to a directory on the system drive to execute arbitrary code with SYSTEM privileges...

CVSS 8.4 · AI score 6.3 · EPSS 0.0018
Exploits: 0 · References: 3

CNNVD
added 2026/02/04 12:0 a.m. · 4 views

Ercom Cryptobox Security Vulnerability

Ercom Cryptobox is an encryption collaboration platform developed by the French company Ercom. There is a security vulnerability in Ercom Cryptobox, which stems from a flaw in the management console. This flaw may allow entity administrators to gain global administrator privileges...

CVSS 7 · AI score 5.8 · EPSS 0.00238
Exploits: 0 · References: 1

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2018-4940

Malware in sbrugna...

CVSS 7.2 · AI score 6.6 · EPSS 0.00314
Exploits: 0 · References: 3

EUVD
added 2025/10/03 8:7 p.m. · 5 views

EUVD-2024-48870

Malicious code in bioql PyPI...

CVSS 6.5 · AI score 6.6 · EPSS 0.00361
Exploits: 0 · References: 2

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2023-12818

Malicious code in bioql PyPI...

CVSS 7.5 · AI score 7.6 · EPSS 0.00854
Exploits: 0 · References: 3

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2025-6761

Malicious code in bioql PyPI...

CVSS 4.3 · AI score 5.1 · EPSS 0.00465
Exploits: 0 · References: 4

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2024-50973

Malicious code in bioql PyPI...

CVSS 7.1 · AI score 6.9 · EPSS 0.0048
Exploits: 0 · References: 4

EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2024-48871

Malicious code in bioql PyPI...

CVSS 5.3 · AI score 5.7 · EPSS 0.00414
Exploits: 0 · References: 6

RedhatCVE
added 2025/03/19 6:46 p.m. · 7 views

CVE-2024-7631

A flaw was found in the OpenShift Console, an endpoint for plugins to serve resources in multiple languages: /locales/resources.json. This endpoint's lng and ns parameters are used unsafely to construct a filepath in pkg/plugins/handlers.go (L112). Because of this unsafe filepath construction, an...

CVSS 4.3 · AI score 6.9 · EPSS 0.00465
Exploits: 0 · References: 3

NVD
added 2024/12/24 4:15 a.m. · 7 views

CVE-2024-12582

A flaw was found in the skupper console, a read-only interface that renders cluster network, traffic details, and metrics for a network application that a user sets up across a hybrid multi-cloud environment. When the default authentication method is used, a random password is generated for the...

CVSS 7.1 · EPSS 0.0048
Exploits: 0 · References: 4

Prion
added 2024/12/24 4:15 a.m. · 4 views

CVE-2024-12582

A flaw was found in the skupper console, a read-only interface that renders cluster network, traffic details, and metrics for a network application that a user sets up across a hybrid multi-cloud environment. When the default authentication method is used, a random password is generated for the...

CVSS 7.1 · EPSS 0.0048
Exploits: 0 · References: 2

Positive Technologies
added 2024/07/26 12:0 a.m. · 5 views

PT-2024-38095 · Red Hat · OpenShift Console

Name of the Vulnerable Software and Affected Versions: OpenShift console (affected versions not specified). Description: A flaw was found in the OpenShift console, where several endpoints use the authHandler and authHandlerWithUser middleware functions. When the default authentication provider is se...

CVSS 5.3 · AI score 5.2 · EPSS 0.00414
Exploits: 0 · References: 12

OSV
added 2024/07/24 4:15 p.m. · 9 views

CVE-2024-7079

A flaw was found in the OpenShift console. The /API/helm/verify endpoint is tasked to fetch and verify the installation of a Helm chart from a URI that is remote HTTP/HTTPS or local. Access to this endpoint is gated by the authHandlerWithUser middleware function. Contrary to its name, this...

CVSS 6.5 · AI score 6.8 · EPSS 0.00361
Exploits: 0 · References: 2

BDU FSTEC
added 2024/01/24 12:0 a.m. · 4 views

The vulnerability of the Management Console in the corporate version of GitHub Enterprise Server allows a perpetrator to execute arbitrary commands and increase their privileges.

The vulnerability of the Management Console in the corporate version of GitHub Enterprise Server is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary commands and increase their privileges...

CVSS 7.9 · AI score 8.2 · EPSS 0.658
Exploits: 1 · References: 7 · Affected Software: 1

RedHat Linux
added 2022/06/06 3:54 p.m. · 4 views

h2: Loading of custom classes from remote servers through JNDI

A flaw was found in the H2 Console. This flaw allows remote attackers to execute arbitrary code via a JDBC URL, concatenating with a substring that allows remote code execution by using a script...

CVSS 10 · AI score 8 · EPSS 0.64766
Exploits: 4 · References: 5

OSV
added 2021/09/28 2:30 a.m. · 6 views

USN-5091-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4 vulnerabilities

Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. (CVE-2021-33624) It was...

CVSS 7.8 · AI score 7.1 · EPSS 0.01245
Exploits: 4 · References: 7

Positive Technologies
added 2021/03/23 12:0 a.m. · 3 views

PT-2021-13851 · Red Hat · Keycloak

Name of the Vulnerable Software and Affected Versions: keycloak (affected versions not specified). Description: A flaw was found in the new account console of keycloak, allowing malicious code to be executed using the referrer URL. The highest threat from this issue is to data confidentiality and...

CVSS 8.3 · AI score 7.2 · EPSS 0.0119
Exploits: 0 · References: 8

BDU FSTEC
added 2020/08/14 12:0 a.m. · 4 views

The vulnerability of the Console component of the Oracle WebLogic Server application server, related to insufficient input validation, allows an attacker to gain unauthorized access to read, modify, add, or delete data.

The vulnerability of the Console component of the Oracle WebLogic Server application lies in insufficient validation of input data. Exploiting this vulnerability allows an attacker to gain unauthorized access to read, modify, add, or delete data using the HTTP protocol...

CVSS 6.1 · AI score 6.8 · EPSS 0.01083
Exploits: 0 · References: 4 · Affected Software: 1

BDU FSTEC
added 2020/06/22 12:0 a.m. · 4 views

The vulnerability of the Cisco IOS operating system’s virtual console, related to the use of pre-installed credentials, allows a perpetrator to gain access to the system and execute arbitrary commands with root privileges.

The vulnerability of the Cisco IOS virtual console is related to the use of pre-installed credentials. Exploiting this vulnerability can allow a perpetrator to gain access to the system and execute arbitrary commands with root privileges...

CVSS 8.8 · AI score 7.9 · EPSS 0.01812
Exploits: 0 · References: 3

CNVD
added 2016/04/19 12:0 a.m. · 2 views

Symantec Messaging Gateway Stored AD Password Vulnerability

Symantec Messaging Gateway is a suite of anti-spam, anti-virus, advanced content filtering and data leakage protection technologies from Symantec. A security vulnerability exists in the management console of Symantec Messaging Gateway versions prior to 10.6.0-7. An attacker could exploit the...

CVSS 7.8 · AI score 6.7 · EPSS 0.0706
Exploits: 6 · References: 1