CVE-2020-7358

In AppSpider installer versions prior to 7.2.126, the AppSpider installer calls an executable which can be placed in the appropriate directory by an attacker with access to the local machine. This would prevent the installer from distinguishing between a valid executable called during an...

CVE-2025-13953 Bypass in the authentication method of the GTT Sistema de Información Tributario application

Bypass vulnerability in the authentication method in the GTT Tax Information System application, related to the Active Directory LDAP login method. Authentication is performed through a local WebSocket, but the web application does not properly validate the authenticity or origin of the data...

EUVD-2020-28508

Malware in sbrugna...

EUVD-2018-4406

Malware in sbrugna...

CVE-2020-7381

In Rapid7 Nexpose installer versions prior to 6.6.40, the Nexpose installer calls an executable which can be placed in the appropriate directory by an attacker with access to the local machine. This would prevent the installer from distinguishing between a valid executable called during a Securit...

CVE-2020-10746

Infinispan Server Runtime (org.infinispan:infinispan-server-runtime) version 10 is described as allowing local access to controls via REST and HotRod APIs, enabling a locally authenticated user to perform all cache operations including creation, update, deletion, and shutdown of the entire server...

Code injection

In AppSpider installer versions prior to 7.2.126, the AppSpider installer calls an executable which can be placed in the appropriate directory by an attacker with access to the local machine. This would prevent the installer from distinguishing between a valid executable called during an...