45 matches found
SolarWinds Serv-U 15.5.0 < 15.5.5
The version of SolarWinds Serv-U installed on the remote host is prior to 15.5.4 HF1. It is, therefore, affected by a vulnerability as referenced in the solarwindsserv-u1554hf1 advisory. - SolarWinds Serv-U is susceptible to specially crafted POST requests that crash the Serv-U service without...
CVE-2026-8370
The CVE describes an "Execution with unnecessary privileges" vulnerability in Broadcom Automic Automation Agent Unix, affecting multiple platforms (Linux x64, Linux Power 64 BE/LE, zLinux, AIX, Solaris x64, Solaris SPARC 64) and enabling privilege escalation when running with elevated privileges....
CVE-2026-2409
Delinea Cloud Suite is affected by CVE-2026-2409 due to an improper neutralization of special elements in SQL commands, enabling argument injection. Affected: Cloud Suite versions before 25.2 HF1. Root cause: SQL Injection vulnerability reported across multiple feeds (NVD, Red Hat, etc.). Impact:...
PT-2026-20901
Name of the Vulnerable Software and Affected Versions: Delinea Cloud Suite versions prior to 25.2 HF1. Description: An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability exists in Delinea Cloud Suite, allowing argument injection. The issue affects the...
CVE-2024-39571
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 HF1. Affected applications are vulnerable to command injection due to missing server-side input sanitization when loading SNMP configurations. This could allow an attacker with the right to modify the SNMP...
EUVD-2018-19408
Malware in sbrugna...
EUVD-2020-18472
Malware in sbrugna...
EUVD-2020-5410
Malware in sbrugna...
CVE-2020-25839
NetIQ Identity Manager 4.8 prior to version 4.8 SP2 HF1 is affected by an injection vulnerability. This vulnerability is fixed in NetIQ IdM 4.8 SP2 HF1...
Automic Automation Agent Unix Privilege Escalation
An agent configured to run in privileged mode using the SetUID-Bit can be used to escalate privileges, by supplying an ini file with the "authentication" option set to "PAM" and the "libName" option set to a shared object file controlled by the attacker. The shared object will be loaded in an...
CVE-2023-30639
Archer Platform 6.8 before 6.12 P6 HF1 (6.12.0.6.1) contains a stored XSS vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. 6.11.P4 (6.11.0.4) is also a fixed release...
CVE-2023-30639
Archer Platform is affected by a stored XSS vulnerability (CVE-2023-30639) in versions 6.8 through 6.12 P6 before HF1 (6.12.0.6.1). A remote authenticated Archer user could store malicious HTML/JavaScript in a trusted data store, which would be executed by other users’ browsers in the context of ...
SolarWinds Serv-U 15.3.1
The version of SolarWinds Serv-U installed on the remote host is prior to 15.3 HF1. It is, therefore, affected by a vulnerability as referenced in the serv-u153hf1 advisory. - A researcher reported a Directory Traversal Vulnerability in Serv-U 15.3. This may allow access to files relating to th...
SIEMENS-SINEMA Remote Connect 1.0 SP3 HF1 Open Redirection
SEC Consult Vulnerability Lab Security Advisory. title: Open Redirect in Login Page; product: SIEMENS-SINEMA Remote Connect; vulnerable version: V1.0 SP3 HF1; fixed version: V2.0 has been out since April, 2019; CVE number:...
SolarWinds Orion Platform 2020.2.0 < 2020.2.6 HF1 Multiple Vulnerabilities XSS
The version of SolarWinds Orion Platform installed on the remote host is prior to 2020.2.6 HF1. It is, therefore, affected by multiple vulnerabilities as referenced in the orionplatform202026hf1 advisory. - A security researcher found a user with Orion map manage rights could store XSS through vi...
Siemens SENTRON powermanager
1. EXECUTIVE SUMMARY: CVSS v3 7.8; ATTENTION: Low attack complexity; Vendor: Siemens; Equipment: SENTRON powermanager; Vulnerability: Incorrect Permission Assignment for Critical Resource. 2. RISK EVALUATION: Successful exploitation of this vulnerability could allow an authenticated local attacker to...
CVE-2021-29141
A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager versions prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy Manager that address this security vulnerability...
CVE-2021-29140
A remote XML external entity (XXE) vulnerability was discovered in Aruba ClearPass Policy Manager versions: Prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy Manager that address this security vulnerability...
CVE-2021-29144
A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager versions prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy Manager that address this security vulnerability...
CVE-2021-26683
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager versions: Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass web-based management interface allows remote authenticated users to run arbitrary commands on the underlying...