EUVD-2026-11184

Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.22 can lead to the following scenario: an admin that intends to give a user an access to a remote database constituent "namespace.name" will inadvertently grant access to any...

EUVD-2021-20411

Malware in sbrugna...

SIGNUM-NET FARA 信任管理问题漏洞

SIGNUM-NET FARA is a facility management software from SIGNUM-NET Poland. A trust management issue vulnerability exists in SIGNUM-NET FARA version 5.0.80.34 and prior versions, which stems from the use of hard-coded SQLite credentials that could lead to reading and manipulating local databases...

CVE-2025-3838

An Improper Authorization vulnerability was identified in the EOL OVA based connect component which is deployed for installation purposes in the customer internal network. Under certain conditions, this could allow a bad actor to gain unauthorized access to the local db containing weakly hashed...

Saviynt EOL OVA（Saviynt End of Life OVA） 安全漏洞

Saviynt EOL OVA Saviynt End of Life OVA is a lifecycle component from Saviynt. A security vulnerability exists in Saviynt EOL OVA Saviynt End of Life OVA that stems from improper authorization and could result in unauthorized access to a local database...

CVE-2023-28713

Plaintext storage of a password exists in CONPROSYS HMI System CHS versions prior to 3.5.3. Because account information of the database is saved in a local file in plaintext, a user who can access the PC where the affected product is installed can obtain the information. As a result, information ...

CVE-2021-40843

Proofpoint Insider Threat Management Server contains an unsafe deserialization vulnerability in the Web Console. An attacker with write access to the local database could cause arbitrary code to execute with SYSTEM privileges on the underlying server when a Web Console user triggers retrieval of...

Siemens SINEC NMS SQL注入漏洞

SINEC NMS is a network management system used by Siemens to monitor and manage industrial networks.A SQL injection vulnerability exists in versions prior to SINEC NMS 1.0 SP2 Update 1, which stems from a lack of validation and escaping of SQL parameter statements. An attacker could use this...

Siemens SINEC NMS SQL注入漏洞

SINEC NMS is a network management system from Siemens for monitoring and managing industrial networks.A SQL injection vulnerability exists in versions prior to SINEC NMS 1.0 SP2 Update 1, which stems from the lack of validation and escaping of SQL parameter statements in the software. An attacker...

Siemens SINEC NMS SQL注入漏洞

SINEC NMS is a network management system used by Siemens to monitor and manage industrial networks.A SQL injection vulnerability exists in versions prior to SINEC NMS 1.0 SP2 Update 1, which stems from the lack of validation and escaping of SQL parameter statements. An attacker could use this...

KLA10502 Multiple vulnerabilities in BACnet OPC Server

Multiple critical vulnerabilities have been found in BACnet OPC Server. Malicious users can exploit these vulnerabilities to execute arbitrary files and read&write local database. Below is a complete list of vulnerabilities 1. An unknwon vulnerabilities can be exploited remotely via unknown vecto...