CVE-2026-33486

Roadiz is a polymorphic content management system based on a node system that can handle many types of services. A vulnerability in roadiz/documents prior to versions 2.7.9, 2.6.28, 2.5.44, and 2.3.42 allows an authenticated attacker to read any file on the server's local file system that the web...

CVE-2026-33486

CVE-2026-33486 affects Roadiz and specifically the roadiz/documents component. The vulnerability is an SSRF/LFI flaw in theDownloadedFile::fromUrl() flow that occurs when importing external media; an attacker-controlled URL can be used with file:// to read local server files (including environmen...

CVE-2023-37525 HCL BigFix Compliance is vulnerable to a sensitive information disclosure

A sensitive information disclosure in HCL BigFix Compliance allows a remote attacker to access files under the WEB-INF directory, which may contain Java class files and configuration information, leading to unauthorized access to application internals...

PT-2026-4467

Name of the Vulnerable Software and Affected Versions Newgen OmniDocs affected versions not specified Description An unauthenticated information disclosure issue exists in Newgen OmniDocs. The /omnidocs/GetListofCabinet API endpoint lacks proper authentication and access control, allowing an...

Newgen OmniDocs security vulnerabilities

Newgen OmniDocs is an enterprise content management suite provided by Newgen Corporation. There is a security vulnerability in Newgen OmniDocs, which stems from the lack of authentication and access control on the /omnidocs/GetListofCabinet API endpoint. This vulnerability could allow remote...

ownCloud < 10.15.1 Information Disclosure Vulnerability

ownCloud is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:owncloud:owncloud";...

Lexmark Printers Path Traversal (CVE-2021-44737)

PJL directory traversal vulnerability in Lexmark devices through 2021-12-07 that can be leveraged to overwrite internal configuration files. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

EUVD-2019-17846

Malware in sbrugna...

EUVD-2021-2003

Malware in sbrugna...

EUVD-2021-19307

Malware in sbrugna...

EUVD-2016-9837

Malware in sbrugna...

EUVD-2016-5049

Malware in sbrugna...

EUVD-2017-5695

Malware in sbrugna...

EUVD-2025-30814

Malicious code in bioql PyPI...

EUVD-2021-31552

Malicious code in bioql PyPI...

EUVD-2022-34193

Malicious code in bioql PyPI...

EUVD-2024-36946

Malicious code in bioql PyPI...

CVE-2025-57430

Creacast Creabox Manager 4.4.4 exposes sensitive configuration data via a publicly accessible endpoint /get. When accessed, this endpoint returns internal configuration including the creacodec.lua file, which contains plaintext admin credentials...

CVE-2025-57430

Creacast Creabox Manager 4.4.4 exposes sensitive configuration data via a publicly accessible endpoint /get. When accessed, this endpoint returns internal configuration including the creacodec.lua file, which contains plaintext admin credentials...

CVE-2025-57430

The CVE-2025-57430 affects Creacast Creabox Manager 4.4.4, where a publicly accessible /get endpoint leaks internal configuration data, including the creacodec.lua file that contains plaintext admin credentials. This exposes sensitive configuration details and credential data via network access. ...