91 matches found
EUVD-2006-6645
Malware in sbrugna...
EUVD-2019-17188
Malware in sbrugna...
EUVD-2013-6572
Malware in sbrugna...
EUVD-2024-30543
Malicious code in bioql PyPI...
EUVD-2022-52798
Malicious code in bioql PyPI...
CVE-2025-52889
creationtimestamp | type | source
---|---|---
2025-06-25 14:13:09+00:00 | published-proof-of-concept | https://github.com/lxc/incus/security/advisories/GHSA-9q7c-qmhm-jv86
2025-06-25 18:06:29+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/19498
2025-08-09 17:28:24+00:00 | see...
CVE-2024-45179
An issue was discovered in za-internet C-MOR Video Surveillance 5.2401 and 6.00PL01. Due to insufficient input validation, the C-MOR web interface is vulnerable to OS command injection attacks. It was found out that different functionality is vulnerable to OS command injection attacks, for exampl...
CVE-2025-27590
In oxidized-web aka Oxidized Web before 0.15.0, the RANCID migration page allows an unauthenticated user to gain control over the Linux user account that is running oxidized-web...
GHSA-JX6P-9C26-G373 Oxidized Web RANCID migration page allows unauthenticated user to gain control over Linux user account
In oxidized-web aka Oxidized Web before 0.15.0, the RANCID migration page allows an unauthenticated user to gain control over the Linux user account that is running oxidized-web...
Oxidized Web RANCID migration page allows unauthenticated user to gain control over Linux user account
In oxidized-web aka Oxidized Web before 0.15.0, the RANCID migration page allows an unauthenticated user to gain control over the Linux user account that is running oxidized-web...
Directory Traversal
Overview: oxidized-web is a puma+sinatra+haml webUI + REST API for oxidized. Affected versions of this package are vulnerable to Directory Traversal through the RANCID migration page. An attacker can gain control over the Linux user account running the application by exploiting this vulnerability...
Oxidized Web Path Traversal Vulnerability
Oxidized Web is a Web UI + RESTful API for Oxidized by the individual developer ytti. A security vulnerability exists in Oxidized Web versions prior to 0.15.0 that stems from a RANCID migration page that allows an unauthenticated user to take control of a Linux user account running oxidized-web...
CVE-2025-27590
In oxidized-web aka Oxidized Web before 0.15.0, the RANCID migration page allows an unauthenticated user to gain control over the Linux user account that is running oxidized-web...
Oxidized Web RANCID migration page allows unauthenticated user to gain control over Linux user account
In oxidized-web aka Oxidized Web before 0.15.0, the RANCID migration page allows an unauthenticated user to gain control over the Linux user account that is running oxidized-web...
CVE-2025-27590
The CVE concerns oxidized-web (Oxidized Web) before version 0.15.0, where the RANCID migration page can be accessed without authentication and allows an attacker to gain control over the Linux user account running oxidized-web. Public details in connected documents describe the issue as a path tr...
TFTP Fetch, Linux Add User
Fetch and execute an ARMLE payload from a TFTP server. Create a new user with UID 0. Module Options: msf > use payload/cmd/linux/tftp/armle/adduser; msf payload(adduser) > show actions ...actions...; msf payload(adduser) > set ACTION; msf payload(adduser) > show options ...show and set options...; msf payload(adduser)...
CVE-2024-45178
CVE-2024-45178 affects za-internet C-MOR Video Surveillance 5.2401. The issue is path traversal caused by insufficient input validation, enabling an authenticated user to download arbitrary files as user www-data via vulnerable scripts download-bkf.pml (parameter bkf) and show-movies.pml (paramet...
CVE-2024-45173
An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Due to improper privilege management concerning sudo privileges, C-MOR is vulnerable to a privilege escalation attack. The Linux user www-data running the C-MOR web interface can execute some OS commands as root via Sudo...
Huawei EulerOS: Security Advisory for util-linux (EulerOS-SA-2024-1951)
The remote host is missing an update for the Huawei EulerOS... SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Johnson Controls Illustra Essentials Gen 4 (Update A)
1. EXECUTIVE SUMMARY: CVSS v3 6.8; ATTENTION: Exploitable remotely/low attack complexity; Vendor: Johnson Controls, Inc.; Equipment: Illustra Essentials Gen 4; Vulnerability: Insertion of Sensitive Information into Log File. 2. RISK EVALUATION: Successful exploitation of this vulnerability...