EUVD-2020-2746

Malware in sbrugna...

EUVD-2025-27542

Malicious code in bioql PyPI...

CVE-2025-10222

Exposure of Sensitive Information to an Unauthorized Actor CWE-200 in the diagnostic dump component in AxxonSoft Axxon One VMS C-Werk 2.0.0 through 2.0.1 on Windows allows a local attacker to obtain licensing-related information such as timestamps, license states, and registry values via reading...

CVE-2025-10222 Sensitive Information Disclosure in Diagnostic Dumps in AxxonSoft Axxon One VMS

Exposure of Sensitive Information to an Unauthorized Actor CWE-200 in the diagnostic dump component in AxxonSoft Axxon One VMS C-Werk 2.0.0 through 2.0.1 on Windows allows a local attacker to obtain licensing-related information such as timestamps, license states, and registry values via reading...

PT-2025-37040

Name of the Vulnerable Software and Affected Versions: AxxonSoft Axxon One VMS versions 2.0.0 through 2.0.1 Description: The diagnostic dump component in AxxonSoft Axxon One VMS contains a flaw that allows a local attacker to obtain licensing-related information, such as timestamps, license state...

Implementing AI Bill of Materials (AI BOM) with SPDX 3.0: a Comprehensive Guide to Creating AI and Dataset Bill of Materials

A Software Bill of Materials SBOM is becoming an increasingly important tool in regulatory and technical spaces to introduce more transparency and security into a project's software supply chain. Artificial intelligence AI projects face unique challenges beyond the security of their software, and...

SUSE: Security Advisory (SUSE-SU-2025:0577-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-50946 IBM Common Licensing information disclosure

IBM Common Licensing 9.0 could allow an authenticated user to modify a configuration file that they should not have access to due to a broken authorization mechanism...

Mimikatz v2.2.0 - A Post-Exploitation Tool to Extract Plaintexts Passwords, Hash, PIN Code from Memory

mimikatz is a tool I've made to learn C and make somes experiments with Windows security. It's now well known to extract plaintexts passwords, hash, PIN code and kerberos tickets from memory. mimikatz can also perform pass-the-hash, pass-the-ticket or build Golden tickets. But that's not all!...

App Layering/Unidesk: If user logs in before Office activation script runs, Office licensing will break

When a user logs in and runs an Office component, they may immediately see "Please wait while setup configures microsoft office", which will run a repair function, which will fail. If they have Lync installed, then that Office component might run immediately without any interaction from them. Or...