PT-2026-33112

Velociraptor versions prior to 0.76.3 contain a vulnerability in the query plugin which allows access to all orgs with the user's current ACL token. This allows an authenticated GUI user with access in one org, to use the query plugin, in a notebook cell, to run VQL queries on other orgs which th...

EUVD-2020-25595

Malware in sbrugna...

CVE-2022-30298

An improper privilege management vulnerability CWE-269 in Fortinet FortiSOAR before 7.2.1 allows a GUI user who has already found a way to modify system files via another, unrelated and hypothetical exploit to execute arbitrary Python commands as root...

Privilege escalation

An improper privilege management vulnerability CWE-269 in Fortinet FortiSOAR before 7.2.1 allows a GUI user who has already found a way to modify system files via another, unrelated and hypothetical exploit to execute arbitrary Python commands as root...

FortiSOAR - Privilege escalation from nginx user to root

An improper privilege management vulnerability CWE-269 in FortiSOAR may allow a GUI user who has already found a way to modify system files via another, unrelated and hypothetical exploit to execute arbitrary Python commands as root...

eQ-3 AG Homematic CCU3 Password Hash Disclosure Vulnerability

The eQ-3 AG Homematic CCU3 is a set of home automation controls from the German company eQ-3 AG. A password hash disclosure vulnerability exists in the User.getUserPWD method in eQ-3 AG Homematic CCU3 3.43.15 and earlier versions. An unauthenticated attacker accessing the web interface could use...

ESA-2012-034: EMC Cloud Tiering Appliance (CTA) Authentication Bypass Vulnerability

ESA-2012-034.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-034: EMC Cloud Tiering Appliance CTA Authentication Bypass Vulnerability EMC Identifier: ESA-2012-034 CVE Identifier: CVE-2012-2285 Severity Rating: CVSS v2 Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C Affected products: EMC...