17 matches found
EUVD-2026-39434
CWE-78 Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability exists that could allow unauthorized execution of commands with elevated privileges, impacting system integrity, confidentiality, and availability when a privileged authenticated user interacts wi...
CVE-2023-20548
A Time-of-check time-of-use TOCTOU race condition in the AMD Secure Processor ASP could allow an attacker to corrupt memory resulting in loss of integrity, confidentiality, or availability...
CVE-2023-20548
CVE-2023-20548 describes a TOCTOU race in the AMD Secure Processor (ASP) that could lead to memory corruption with impacts to integrity, confidentiality, and availability. Affected component is ASP; the underlying issue is a race condition between checks and usage that attackers could potentially...
EUVD-2014-6395
Malware in sbrugna...
EUVD-2013-0458
Malware in sbrugna...
EUVD-2013-3719
Malware in sbrugna...
EUVD-2018-5737
Malware in sbrugna...
EUVD-2021-26348
Malware in sbrugna...
EUVD-2021-33541
Malicious code in bioql PyPI...
PT-2025-29918 · Wegia · Wegia
Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.4.6 Description: WeGIA is an open source web manager. A SQL Injection vulnerability exists in versions prior to 3.4.6. This vulnerability allows attackers to execute arbitrary SQL commands via the...
CVE-2025-0067
Due to a missing authorization check on service endpoints in the SAP NetWeaver Application Server Java, an attacker with standard user role can create JCo connection entries, which are used for remote function calls from or to the application server. This could lead to low impact on...
CVE-2019-10928
A vulnerability has been identified in SCALANCE SC-600 V2.0. An authenticated attacker with access to port 22/tcp as well as physical access to an affected device may trigger the device to allow execution of arbitrary commands. The security vulnerability could be exploited by an authenticated...
CVE-2019-2424
Vulnerability in the Oracle Retail Convenience Store Back Office component of Oracle Retail Applications subcomponent: Level 3 Maintenance Functions. The supported version that is affected is 3.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...
Huawei HarmonyOS 授权问题漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS. An attacker exploiting this vulnerability could cause integrity, confidentiality, and availability to be...
SAP Commerce Code Execution Vulnerability
SAP Commerce is a set of cloud-based e-commerce platform from Germany's SAP. This product supports sales management, marketing management, order management and operations management. A security vulnerability exists in SAP Commerce 1808, 1811, 1905, 2005, 2011, which allows certain authorized user...
grub2 authorization issue vulnerability
grub2 is a Linux system boot program from the GNU community. A security vulnerability in versions of grub2 prior to 2.06, where the cutmem command does not support secure boot locking, allows a privileged attacker to remove address ranges from memory, thus giving the opportunity to bypass secure...
The vulnerability of the implementation of the dynamic memory distribution function in the Grub2 operating system’s loader allows a attacker to influence the integrity, confidentiality, and accessibility of information.
The vulnerability of the implementation of the dynamic memory distribution function in the Grub2 operating system’s loader is related to integer overflow. Exploiting this vulnerability could allow an attacker to influence the integrity, confidentiality, and accessibility of information...