CVE-2023-49280

XWiki Change Request is an XWiki application allowing to request changes on a wiki without publishing directly the changes. Change request allows to edit any page by default, and the changes are then exported in an XML file that anyone can download. So it's possible for an attacker to obtain...

EUVD-2025-28004

Malicious code in bioql PyPI...

EUVD-2024-19628

Malicious code in bioql PyPI...

EUVD-2024-39396

Malicious code in bioql PyPI...

CVE-2023-38549

A vulnerability in Veeam ONE allows an unprivileged user who has access to the Veeam ONE Web Client the ability to acquire the NTLM hash of the account used by the Veeam ONE Reporting Service. Note: The criticality of this vulnerability is reduced as it requires interaction by a user with the Vee...

CVE-2025-4338

Lantronix Device installer is vulnerable to XML external entity XXE attacks in configuration files read from the network device. An attacker could obtain credentials, access these network devices, and modify their configurations. An attacker may also gain access to the host running the Device...

CVE-2019-13922

A vulnerability has been identified in SINEMA Remote Connect Server All versions V2.0 SP1. An attacker with administrative privileges can obtain the hash of a connected device's password. The security vulnerability could be exploited by an attacker with network access to the SINEMA Remote Connect...

Sage 200 Spain 安全漏洞

Sage 200 Spain is a business management software from Sage. A security vulnerability exists in Sage 200 Spain versions prior to 2025.35.000, which stems from an SMB mandatory authentication vulnerability that could lead to an administrator-privileged user obtaining an NTLMv2-SSP hash by changing...

Vulnerability fixed in Microsoft Exchange

Microsoft has fixed a vulnerability in Exchange Server. A malicious party could exploit the vulnerability to use a previously stolen NTLM hash to gain access to the account and the data of the victim. Successful exploitation thus requires a previous successful attack on a client that uses NTLM...

VISAM VBASE Editor

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: VISAM Equipment: VBASE Vulnerabilities: Improper Access Control, Cross-site Scripting, Improper Restriction of XML External Entity Reference, Using Components with Known Vulnerabilities 2. RISK...

Information Disclosure in the PAN-OS Management Web Interface

A local privilege escalation vulnerability exists in the PAN-OS management web interface that allows the administrator to access the password hashes of local users by manipulating the HTML markup. Ref. PAN-91564; CVE-2018-9334 Successful exploitation of this issue requires the attacker to be...