14 matches found
EUVD-2022-51410
Malicious code in bioql PyPI...
EUVD-2025-16438
Malicious code in bioql PyPI...
CVE-2025-41438
The CS5000 Fire Panel is vulnerable due to a default account that exists on the panel. Even though it is possible to change this by SSHing into the device, it has remained unchanged on every installed system observed. This account is not root but holds high-level permissions that could severely...
CVE-2025-41438
The CS5000 Fire Panel is vulnerable due to a default account that exists on the panel. Even though it is possible to change this by SSHing into the device, it has remained unchanged on every installed system observed. This account is not root but holds high-level permissions that could severely...
CVE-2025-41438 Consilium Safety CS5000 Fire Panel Initialization of a Resource with an Insecure Default
The CS5000 Fire Panel is vulnerable due to a default account that exists on the panel. Even though it is possible to change this by SSHing into the device, it has remained unchanged on every installed system observed. This account is not root but holds high-level permissions that could severely...
CVE-2025-41438
CVE-2025-41438 affects the Consilium Safety CS5000 Fire Panel. The vulnerability stems from a default account with high-level permissions that remains unchanged across installations, and a hard-coded VNC password embedded in the binary, enabling remote access if network access exists. Affected sy...
CVE-2025-41438 Consilium Safety CS5000 Fire Panel Initialization of a Resource with an Insecure Default
The CS5000 Fire Panel is vulnerable due to a default account that exists on the panel. Even though it is possible to change this by SSHing into the device, it has remained unchanged on every installed system observed. This account is not root but holds high-level permissions that could severely...
CVE-2022-4031
The Simple:Press plugin for WordPress is vulnerable to arbitrary file modifications in versions up to, and including, 6.8 via the 'file' parameter which does not properly restrict files to be edited in the context of the plugin. This makes it possible with attackers, with high-level permissions...
CVE-2024-10944
A Remote Code Execution vulnerability exists in the affected product. The vulnerability requires a high level of permissions and exists due to improper input validation resulting in the possibility of a malicious Updated Agent being deployed...
CVE-2024-10944 FactoryTalk® Updater Remote Code Execution
A Remote Code Execution vulnerability exists in the affected product. The vulnerability requires a high level of permissions and exists due to improper input validation resulting in the possibility of a malicious Updated Agent being deployed...
CVE-2022-4031
The Simple:Press plugin for WordPress is vulnerable to arbitrary file modifications in versions up to, and including, 6.8 via the 'file' parameter which does not properly restrict files to be edited in the context of the plugin. This makes it possible with attackers, with high-level permissions...
CVE-2022-4031 Simple:Press <= 6.8 - Authenticated (Admin+) Path Traversal to Arbitrary File Modification
The Simple:Press plugin for WordPress is vulnerable to arbitrary file modifications in versions up to, and including, 6.8 via the 'file' parameter which does not properly restrict files to be edited in the context of the plugin. This makes it possible with attackers, with high-level permissions...
CVE-2022-4031 Simple:Press <= 6.8 - Authenticated (Admin+) Path Traversal to Arbitrary File Modification
The Simple:Press plugin for WordPress is vulnerable to arbitrary file modifications in versions up to, and including, 6.8 via the 'file' parameter which does not properly restrict files to be edited in the context of the plugin. This makes it possible with attackers, with high-level permissions...
ZSQL: Configure User Whitelist
To prevent account disclosure, you can configure a whitelist to specify users with high-level permissions and client IP addresses allowed for database connections. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by...