CVE-2026-2331 CVE-2026-2331

An attacker may perform unauthenticated read and write operations on sensitive filesystem areas via the AppEngine Fileaccess over HTTP due to improper access restrictions. A critical filesystem directory was unintentionally exposed through the HTTP-based file access feature, allowing access witho...

PT-2026-23660

Name of the Vulnerable Software and Affected Versions AppEngine affected versions not specified Description An attacker may perform unauthenticated read and write operations on sensitive filesystem areas via the AppEngine Fileaccess over HTTP due to improper access restrictions. A critical...

Application User custom defined accounts are not properly password protected in Brocade ASCG 3.4.0 (CVE-2026-0869)

Application User accounts with Brocade ASCG application privileges created by the administrator are not properly being password enforced. Any other user that learns of the assigned user name can access the custom created application manager account and gain access to the Brocade ASCG application...

EUVD-2016-2257

Malware in sbrugna...

EUVD-2017-11298

Malware in sbrugna...

EUVD-2022-52224

Malicious code in bioql PyPI...

CVE-2022-29891

Browse restriction bypass vulnerability in Custom Ap of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to obtain the data of Custom App via unspecified vectors...

CVE-2022-30269

Motorola ACE1000 RTUs through 2022-05-02 mishandle application integrity. They allow for custom application installation via either STS software, the C toolkit, or the ACE1000 Easy Configurator. In the case of the Easy Configurator, application images as PLX/DAT/APP/CRC files are uploaded via the...

Citrix Virtual Apps and Desktops 2402 - Custom Application menus cut off after VDA upgrade

After upgrading the VDA from VDA 1912 to VDA 2402, users may notice that the fonts and graphics are not fitting within the custom application UI. Issue is generally seen when the client display has high resolution. Setting the High DPI setting on the Citrix Workspace App for Windows to Yes, may...

CVE-2024-52052 Stream Target Remote Code Execution in Wowza Streaming Engine

Wowza Streaming Engine below 4.9.1 permits an authenticated Streaming Engine Manager administrator to define a custom application property and poison a stream target for high-privilege remote code execution...

CVE-2024-52052 Stream Target Remote Code Execution in Wowza Streaming Engine

Wowza Streaming Engine below 4.9.1 permits an authenticated Streaming Engine Manager administrator to define a custom application property and poison a stream target for high-privilege remote code execution...

PT-2023-7610

Name of the Vulnerable Software and Affected Versions Vite versions prior to 4.4.12 Vite versions prior to 4.5.1 Vite versions prior to 5.0.5 Description The issue is related to Vite's HTML transformation when invoked manually via server.transformIndexHtml. If the original request URL is passed i...

CVE-2022-30269

Motorola ACE1000 RTUs through 2022-05-02 mishandle application integrity. They allow for custom application installation via either STS software, the C toolkit, or the ACE1000 Easy Configurator. In the case of the Easy Configurator, application images as PLX/DAT/APP/CRC files are uploaded via the...

Design/Logic Flaw

Motorola ACE1000 RTUs through 2022-05-02 mishandle application integrity. They allow for custom application installation via either STS software, the C toolkit, or the ACE1000 Easy Configurator. In the case of the Easy Configurator, application images as PLX/DAT/APP/CRC files are uploaded via the...

Cybozu Office View Restriction Bypass Vulnerability (CNVD-2021-18056)

Cybozu Office is a Web-based, cross-platform collaboration solution from Cybozu. A view restriction bypass vulnerability exists in a custom application in Cybozu Office. An attacker can use this vulnerability to obtain data from a custom application without viewing privileges...

Cybozu Office 授权问题漏洞

Cybozu Office is a Web-based, cross-platform collaboration solution from Cybozu. A view restriction bypass vulnerability exists in a custom application in Cybozu Office. An attacker can use this vulnerability to obtain data from a custom application without viewing privileges...

Cybozu Office 输入验证错误漏洞

Cybozu Office is a Web-based, cross-platform collaboration solution from Cybozu. An improper input validation vulnerability exists in a custom application in Cybozu Office. An attacker could exploit the vulnerability to alter data in the customized application...

blurting-in.zkm.de Cross Site Scripting vulnerability OBB-1351263

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

lic-zheldor.ru Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1102746 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

unputdownables.net Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1035225 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...