17 matches found
EUVD-2019-18614
Malware in sbrugna...
EUVD-2020-29598
Malware in sbrugna...
EUVD-2024-51940
Malicious code in bioql PyPI...
EUVD-2025-14027
Malicious code in bioql PyPI...
EUVD-2024-36454
Malicious code in bioql PyPI...
CVE-2025-8513
A vulnerability, which was classified as problematic, was found in Caixin News App 8.0.1 on Android. Affected is an unknown function of the file AndroidManifest.xml of the component com.caixin.news. The manipulation leads to improper export of android application components. Local access is...
PT-2025-29342 · Open5Gs · Open5Gs
Name of the Vulnerable Software and Affected Versions: Open5GS versions up to 2.7.3 Description: A problematic issue exists in Open5GS related to the SCTP Partial Message Handler component. The ngap recv handler/s1ap recv handler/recv handler function is susceptible to a reachable assertion due t...
PT-2025-23747
Name of the Vulnerable Software and Affected Versions ThemeManager versions prior to SMR Jun-2025 Release 1 Description The issue is related to improper privilege management, allowing local privileged attackers to reuse trial items. This could potentially be exploited by attackers with local...
CVE-2024-48830
Dell SmartFabric OS10 Software, versions 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contains an Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Comman...
CVE-2025-22399
Dell UCC Edge, version 2.3.0, contains a Blind SSRF on Add Customer SFTP Server vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Server-side request forgery...
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2025-1115)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-52542
Dell AppSync, version 4.6.0.x, contain a Symbolic Link Symlink Following vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to information tampering...
CVE-2023-28345
An issue was discovered in Faronics Insight 10.0.19045 on Windows. The Insight Teacher Console application exposes the teacher's Console password in cleartext via an API endpoint accessible from localhost. Attackers with physical access to the Teacher Console can open a web browser, navigate to t...
ASB-A-231275473
In telecom service, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
Multiple Intel® Server Information Disclosure Vulnerabilities
Intel is an American company that develops CPUs and is the world's largest manufacturer of personal computer parts and CPUs. Multiple Intel® Server information disclosure vulnerability can be exploited by attackers to potentially make information public via local access...
CuteNews <= 1.3.6 Multiple XSS
According to its version number, the remote host is running a version of CuteNews that allows an attacker to inject arbitrary script through the variables 'X-FORWARDED-FOR' or 'CLIENT-IP' when adding a comment. On one hand, an attacker can inject a client-side script to be executed by an...
Microsoft Windows XP/2000/NT 4.0 - Window Message Subsystem Design Error (4)
// source: https://www.securityfocus.com/bid/5408/info A serious design error in the Win32 API has been reported. The issue is related to the inter-window message passing system. This vulnerability is wide-ranging and likely affects almost every Win32 window-based application. Attackers with loca...