13 matches found
CVE-2026-35503
A vulnerability in SenseLive X3050’s web management interface allows authentication logic to be performed entirely on the client side, relying on hardcoded values within browser-executed scripts rather than server-side verification. An attacker with access to the login page could retrieve these...
EUVD-2020-13482
Malware in sbrugna...
EUVD-2020-28391
Malware in sbrugna...
EUVD-2022-47933
Malicious code in bioql PyPI...
LibreNMS stored cross-site scripting (XSS) vulnerability in the Device Settings section
A stored cross-site scripting (XSS) vulnerability in the Device Settings section of LibreNMS v24.9.0 to v24.10.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Display Name parameter...
CVE-2024-5165 Eclipse Ditto User Interface vulnerable to XSS due to Improper Neutralization of Input
In Eclipse Ditto versions 3.0.0 to 3.5.5, the user input of several input fields of the Eclipse Ditto Explorer User Interface (https://eclipse.dev/ditto/user-interface.html) was not properly neutralized and thus vulnerable to both Reflected and Stored XSS (Cross Site Scripting). Several inputs were n...
Design/Logic Flaw
The web server is vulnerable to reflected XSS and therefore an attacker might be able to execute scripts on a client’s computer by sending the client a manipulated URL...
Privilege escalation
UNSUPPORTED WHEN ASSIGNED: A privilege escalation vulnerability was discovered in Avaya Aura Utility Services that may potentially allow a local user to execute specially crafted scripts as a privileged user. Affects all 7.x versions of Avaya Aura Utility Services...
CVE-2020-28909
Incorrect File Permissions in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation to root via modification of scripts. Low-privileged users are able to modify files that can be executed by sudo...
Cisco NX-OS Python Scripting Engine Elevation of Privilege Vulnerability
Cisco NX-OS software is a data center-class operating system that embodies modular design, sustainability, and maintainability. A security vulnerability exists in Cisco NX-OS that allows a user with locally executable Python scripts to elevate privileges on the Python subsystem to execute arbitra...
Design/Logic Flaw
LabTech before 100.237 on Linux uses world-writable permissions for root-executed scripts, which allows local users to gain privileges by modifying a script file...
CVE-2015-0926
LabTech (LabTech Software) on Linux prior to version 100.237 exposes world-writable permissions on root-executed startup scripts. This allows a local authenticated user to gain privileges by modifying the script file. CVE-2015-0926 is supported by multiple sources (NVD entry and CERT/CVE referenc...
Novell ZENworks ESM Security Client STEngine Privilege Escalation
Novell ZENworks Endpoint Security Management (ESM) Security Client is installed on the remote host. It provides a centrally-managed, policy-based firewall for enterprise computers. The version of this software on the remote host dynamically generates various scripts which are then executed by the...