Apache Superset <=1.3.2 - Default Login

Apache Superset through 1.3.2 contains a default login vulnerability via registered database connections for authenticated users. An attacker can obtain access to user accounts and thereby obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2021-44451 info:...

EUVD-2021-1252

Malware in sbrugna...

EUVD-2014-5570

Malware in sbrugna...

EUVD-2020-22104

Malware in sbrugna...

EUVD-2014-7259

Malware in sbrugna...

EUVD-2014-6994

Malware in sbrugna...

EUVD-2014-6686

Malware in sbrugna...

EUVD-2021-14170

Malware in sbrugna...

EUVD-2014-6778

Malware in sbrugna...

EUVD-2014-6931

Malware in sbrugna...

EUVD-2022-46519

Malicious code in bioql PyPI...

EUVD-2022-46517

Malicious code in bioql PyPI...

EUVD-2023-48652

Malicious code in bioql PyPI...

CVE-2025-46118

CVE-2025-46118 affects CommScope Ruckus Unleashed pre-200.15.6.212.14 and pre-200.17.7.0.139, and Ruckus ZoneDirector pre-10.5.1.0.279, due to hard-coded ftpuser credentials that grant FTP access to the controller. This allows a remote attacker to upload or retrieve arbitrary files from writable ...

CVE-2025-48926

CVE-2025-48926 affects the TeleMessage service admin panel (through 2025-05-05). The vulnerability enables an attacker to enumerate sensitive user data including usernames, email addresses, passwords, and telephone numbers via the administrative interface, constituting a high confidentiality impa...

CVE-2021-30683

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A malicious application could execute arbitrary code leading to compromise of user information...

CVE-2022-43521

Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the Aruba EdgeConnect Enterprise Orchestrator instance. An attacker could exploit these vulnerabilities...

CVE-2022-43531

Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. An attacker could exploit these vulnerabilities to obtain and modify sensitive information...

CVE-2022-43520

Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the Aruba EdgeConnect Enterprise Orchestrator instance. An attacker could exploit these vulnerabilities...

4.8 million healthcare records left freely accessible

Your main business is healthcare, so your excuse when you get hacked is that you didn’t have the budget to secure your network. Am I right? So, in order to prevent a ransomware gang from infiltrating your network, you could just give them what they want—all your data. The seemingly preferred meth...