CVE-2026-26033

UPS Multi-UPS Management Console MUMC version 01.06.0001 A03 contains an Unquoted Search Path or Element CWE-428 vulnerability, which allows a user with write access to a directory on the system drive to execute arbitrary code with SYSTEM privileges...

Ercom Cryptobox 安全漏洞

Ercom Cryptobox is an encryption collaboration platform developed by the French company Ercom. There is a security vulnerability in Ercom Cryptobox, which stems from a flaw in the management console. This flaw may allow entity administrators to gain global administrator privileges...

EUVD-2018-4940

Malware in sbrugna...

EUVD-2025-6761

Malicious code in bioql PyPI...

EUVD-2023-12818

Malicious code in bioql PyPI...

EUVD-2024-50973

Malicious code in bioql PyPI...

EUVD-2024-48871

Malicious code in bioql PyPI...

EUVD-2024-48870

Malicious code in bioql PyPI...

CVE-2024-7631

A flaw was found in the OpenShift Console, an endpoint for plugins to serve resources in multiple languages: /locales/resources.json. This endpoint's lng and ns parameters are used to construct a filepath in pkg/plugins/handlers unsafely.goL112 Because of this unsafe filepath construction, an...

CVE-2024-12582

A flaw was found in the skupper console, a read-only interface that renders cluster network, traffic details, and metrics for a network application that a user sets up across a hybrid multi-cloud environment. When the default authentication method is used, a random password is generated for the...

CVE-2024-12582

A flaw was found in the skupper console, a read-only interface that renders cluster network, traffic details, and metrics for a network application that a user sets up across a hybrid multi-cloud environment. When the default authentication method is used, a random password is generated for the...

PT-2024-38095 · Red Hat · Openshift Console

Name of the Vulnerable Software and Affected Versions: OpenShift console affected versions not specified Description: A flaw was found in the OpenShift console, where several endpoints use the authHandler and authHandlerWithUser middleware functions. When the default authentication provider is se...

CVE-2024-7079

A flaw was found in the Openshift console. The /API/helm/verify endpoint is tasked to fetch and verify the installation of a Helm chart from a URI that is remote HTTP/HTTPS or local. Access to this endpoint is gated by the authHandlerWithUser middleware function. Contrary to its name, this...

h2: Loading of custom classes from remote servers through JNDI

A flaw was found in the H2 Console. This flaw allows remote attackers to execute arbitrary code via a JDBC URL, concatenating with a substring that allows remote code execution by using a script...

USN-5091-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4 vulnerabilities

Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. CVE-2021-33624 It was...

PT-2021-13851 · Red Hat · Keycloak

Name of the Vulnerable Software and Affected Versions: keycloak affected versions not specified Description: A flaw was found in the new account console of keycloak, allowing malicious code to be executed using the referrer URL. The highest threat from this issue is to data confidentiality and...

Symantec Messaging Gateway Stored AD Password Vulnerability

Symantec Messaging Gateway is a suite of anti-spam, anti-virus, advanced content filtering and data leakage protection technologies from Symantec. A security vulnerability exists in the management console of Symantec Messaging Gateway versions prior to 10.6.0-7. An attacker could exploit the...

Design/Logic Flaw

The console on IBM WebSphere DataPower XC10 appliances 2.1.0 and 2.5.0 does not properly process logoff actions, which has unspecified impact and remote attack vectors...