18 matches found
EUVD-2005-0691
Malware in sbrugna...
EUVD-2013-7221
Malware in sbrugna...
EUVD-2025-13370
Malicious code in bioql PyPI...
CVE-2013-4967
Puppet Enterprise before 3.0.1 allows remote attackers to obtain the database password via vectors related to how the password is "seeded as a console parameter," External Node Classifiers, and the lack of access control for /nodes...
CVE-2025-4272
A vulnerability was found in Mechrevo Control Console 1.0.2.70. It has been rated as critical. Affected by this issue is some unknown functionality in the library C:\Program Files\OEM\MECHREVO Control Center\UniwillService\MyControlCenter\csCAPI.dll of the component GCUService. The manipulation...
CVE-2025-4272
A vulnerability was found in Mechrevo Control Console 1.0.2.70. It has been rated as critical. Affected by this issue is some unknown functionality in the library C:\Program Files\OEM\MECHREVO Control Center\UniwillService\MyControlCenter\csCAPI.dll of the component GCUService. The manipulation...
CVE-2025-4272
CVE-2025-4272 affects Mechrevo Control Console 1.0.2.70; vulnerable component is the library csCAPI.dll under GCUService. Reported issue: uncontrolled search path leading to local exploitation. Documents consistently describe local attack requirements with high impact per CVSS vectors (local acce...
CVE-2025-4272 Mechrevo Control Console GCUService csCAPI.dll uncontrolled search path
A vulnerability was found in Mechrevo Control Console 1.0.2.70. It has been rated as critical. Affected by this issue is some unknown functionality in the library C:\Program Files\OEM\MECHREVO Control Center\UniwillService\MyControlCenter\csCAPI.dll of the component GCUService. The manipulation...
CVE-2025-4272 Mechrevo Control Console GCUService csCAPI.dll uncontrolled search path
A vulnerability was found in Mechrevo Control Console 1.0.2.70. It has been rated as critical. Affected by this issue is some unknown functionality in the library C:\Program Files\OEM\MECHREVO Control Center\UniwillService\MyControlCenter\csCAPI.dll of the component GCUService. The manipulation...
Mechrevo Control Console 代码问题漏洞
Mechrevo Control Console is a computer console software from the Chinese company Mechrevo. A code issue vulnerability exists in Mechrevo Control Console version 1.0.2.70, which stems from an uncontrolled search path vulnerability in the library file csCAPI.dll...
PT-2025-19705 · Mechrevo · Mechrevo Control Console
Name of the Vulnerable Software and Affected Versions: Mechrevo Control Console version 1.0.2.70 Description: A critical issue affects an unknown functionality in the library C:Program FilesOEMMECHREVO Control CenterUniwillServiceMyControlCentercsCAPI.dll of the component GCUService. The...
What is a Network Management Station (NMS) ?
The Bedrock of the Network Coordination Hub NCH Delving into the substantial domain of digital networks, the Network Coordination Hub NCH is unveiled as a critical component ensuring fluid network operations. Let us unravel this concept - an NCH signifies a control console employed for supervisin...
Directory traversal
A directory traversal vulnerability in the web application in McAfee now Intel Security SaaS Control Console SCC Platform 6.14 before patch 1070, and 6.15 before patch 1076 allows unauthenticated users to view contents of arbitrary system files that did not have file system level read access...
CVE-2013-7462
A directory traversal vulnerability in the web application in McAfee now Intel Security SaaS Control Console SCC Platform 6.14 before patch 1070, and 6.15 before patch 1076 allows unauthenticated users to view contents of arbitrary system files that did not have file system level read access...
CVE-2013-7462
A directory traversal vulnerability in the web application in McAfee now Intel Security SaaS Control Console SCC Platform 6.14 before patch 1070, and 6.15 before patch 1076 allows unauthenticated users to view contents of arbitrary system files that did not have file system level read access...
CVE-2013-7462
The CVE-2013-7462 entry describes a directory traversal vulnerability in McAfee/SCC Platform prior to patch 1070 (6.14) and prior to patch 1076 (6.15). An unauthenticated user could view contents of arbitrary system files that lacked file-system read restrictions via a null-byte injection exploit...
Apache CloudStack 身份验证绕过漏洞(CVE-2013-2756)
BUGTRAQ ID: 59463 CVECAN ID: CVE-2013-2756 Apache CloudStack是部署和管理大型虚拟机网络的开源软件。 Apache CloudStack 4.0.2之前版本存在安全绕过漏洞,熟悉Apache CloudStack源代码的攻击者可以未经授权访问另一个租户VM的控制台。 0 Apache Group CloudStack 4.x 厂商补丁: Apache Group ------------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://httpd.apache.org/...
Gene6 FTP Server本地权限提升漏洞
Gene6 FTP Server是一款非常流行的Microsoft Windows平台的FTP Server。 默认安装后,本地的非特权用户可以修改Gene6 FTP Server的设置,例如添加新的SITE命令。由于Gene6 FTP Server是以SYSTEM权限运行的,因此攻击者可以轻易的提升权限。 Gene6 G6 FTP Server http://marc.theaimsgroup.com 1. 以非特权用户的身份登陆。 2. 打开Gene6 FTP Server控制台,添加FTP用户帐号,如“test” 3. 对FTP...