219 matches found
EUVD-2021-18714
Malware in sbrugna...
EUVD-2025-25618
Malicious code in bioql PyPI...
EUVD-2023-43184
Malicious code in bioql PyPI...
EUVD-2025-14380
Malicious code in bioql PyPI...
EUVD-2025-26393
Malicious code in bioql PyPI...
EUVD-2025-23950
Malicious code in bioql PyPI...
Information Disclosure
github.com/neuvector/neuvector is vulnerable to information disclosure. The vulnerability is due to passwords in Java command parameters being logged in security event logs when a process rule violation occurs, which allows an attacker to obtain sensitive credentials...
CVE-2025-6791
In the monitoring event logs page, it is possible to alter the http request to insert a reflect payload in the DB. Caused by an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Centreon web Monitoring event logs modules allows SQL Injection.This...
CVE-2025-6791 Second order SQL injection available to user with low privilege
In the monitoring event logs page, it is possible to alter the http request to insert a reflect payload in the DB. Caused by an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Centreon web Monitoring event logs modules allows SQL Injection.This...
CVE-2025-6791 Second order SQL injection available to user with low privilege
In the monitoring event logs page, it is possible to alter the http request to insert a reflect payload in the DB. Caused by an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Centreon web Monitoring event logs modules allows SQL Injection.This...
CVE-2025-6791 Second order SQL injection available to user with low privilege
In the monitoring event logs page, it is possible to alter the http request to insert a reflect payload in the DB. Caused by an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Centreon web Monitoring event logs modules allows SQL Injection.This...
CVE-2025-6791
Centreon Web’s Monitoring event logs module is affected by an SQL Injection due to improper neutralization of special elements in an SQL command. An authenticated, low-privilege attacker can modify HTTP requests to insert payloads into the database. Affected Centreon Web versions: 23.10.0–23.10.2...
PT-2025-33108 · Centreon · Web
Name of the Vulnerable Software and Affected Versions: Centreon web versions 23.10.0 through 23.10.26 Centreon web versions 24.04.0 through 24.04.16 Centreon web versions 24.10.0 through 24.10.9 Description: The web application is susceptible to SQL Injection due to improper neutralization of...
Microsoft Windows - Storage QoS Filter Driver Checker
Titles: Microsoft Windows - Storage QoS Filter Driver Checker Author: nu11secur1ty Date: 08/04/2025 Vendor: Microsoft Software: https://www.microsoft.com/en-us/software-download/windows11 Reference: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49730 Description This PowerShell...
CVE-2025-48709
BMC Control-M/Server 9.0.21.300 displays cleartext database credentials in process lists and logs. An authenticated attacker with shell access could observe these credentials and use them to log in to the database server. For example, when Control-M/Server on Windows has a database connection on,...
CVE-2025-48709 BMC Control-M/Server cleartext database credentials in process lists and logs
BMC Control-M/Server 9.0.21.300 displays cleartext database credentials in process lists and logs. An authenticated attacker with shell access could observe these credentials and use them to log in to the database server. For example, when Control-M/Server on Windows has a database connection on,...
CVE-2025-34091
A padding oracle vulnerability exists in Google Chrome’s AppBound cookie encryption mechanism due to observable decryption failure behavior in Windows Event Logs when handling malformed ciphertext in SYSTEM-DPAPI-encrypted blobs. A local attacker can repeatedly send malformed ciphertexts to the...
CVE-2025-34091
Rejected reason: Neither filed by Chrome nor a valid security vulnerability...
CVE-2025-34091
...
CVE-2025-41649
creationtimestamp| type| source ---|---|--- 2025-05-27 08:48:03+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/17616 2025-05-27 09:07:04+00:00| seen| https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3lq5dessbva62 2025-05-27 09:18:05+00:00| seen|...