VulnCheck KEV: CVE-2025-12055

HYDRA X, MIP 2 and FEDRA 2 of MPDV Mikrolab GmbH suffer from an unauthenticated local file disclosure vulnerability in all releases until Maintenance Pack 36 with Servicepack 8 week 36/2025, which allows an attacker to read arbitrary files from the Windows operating system. The "Filename" paramet...

EUVD-2025-36096

HYDRA X, MIP 2 and FEDRA 2 of MPDV Mikrolab GmbH suffer from an unauthenticated local file disclosure vulnerability in all releases until Maintenance Pack 36 with Servicepack 8 week 36/2025, which allows an attacker to read arbitrary files from the Windows operating system. The "Filename" paramet...

CVE-2025-12055

HYDRA X, MIP 2 and FEDRA 2 of MPDV Mikrolab GmbH suffer from an unauthenticated local file disclosure vulnerability in all releases until Maintenance Pack 36 with Servicepack 8 week 36/2025, which allows an attacker to read arbitrary files from the Windows operating system. The "Filename" paramet...

CVE-2025-12055 Unauthenticated Local File Disclosure in MPDV Mikrolab MIP 2 / FEDRA 2 / HYDRA X Manufacturing Execution System

HYDRA X, MIP 2 and FEDRA 2 of MPDV Mikrolab GmbH suffer from an unauthenticated local file disclosure vulnerability in all releases until Maintenance Pack 36 with Servicepack 8 week 36/2025, which allows an attacker to read arbitrary files from the Windows operating system. The "Filename" paramet...

PT-2025-43887

Name of the Vulnerable Software and Affected Versions HYDRA X, MIP 2, and FEDRA 2 versions prior to Maintenance Pack 36 with Servicepack 8 week 36/2025 Description HYDRA X, MIP 2, and FEDRA 2 are affected by a local file disclosure issue. An unauthenticated attacker can read arbitrary files from...

EUVD-2007-1875

Malware in sbrugna...

CVE-2021-37178

A vulnerability has been identified in Solid Edge SE2021 All Versions SE2021MP7. An XML external entity injection vulnerability in the underlying XML parser could cause the affected application to disclose arbitrary files to remote attackers by loading a specially crafted xml file...

CVE-2017-9811

The kluser is able to interact with the kav4fs-control binary in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 version 8.0.4.312. By abusing the quarantine read and write operations, it is possible to elevate the privileges to root...

Cross site request forgery (csrf)

There are no Anti-CSRF tokens in any forms on the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 version 8.0.4.312. This would allow an attacker to submit authenticated requests when an authenticated user browses an attacker-controlled domain...

Kaspersky Anti-Virus File Server 8.0.3.297 - Multiple Vulnerabilities

Exploit for linux platform in category web applications 1. Advisory Information Title: Kaspersky Anti-Virus File Server Multiple Vulnerabilities Advisory ID: CORE-2017-0003 Advisory URL: http://www.coresecurity.com/advisories/Kaspersky-Anti-Virus-File-Server-Multiple-Vulnerabilities Date publishe...

Symantec Encryption Desktop for OS X World-Writable Files Insecure File Handling

SUMMARY Symantecs Encryption Desktop for OS X installs some temporary files with world-writable attributes during installation. In a multi-user environment, a malicious user could manipulate these world-writable files to read and write files or create files with another users permissions. AFFECTE...

Zero-Day Vulnerability in Symantec PGP Whole Disk Encryption

Symantec product PGP Whole Disk Encryption which is used to encrypt all the contents on the disk on a block-by-block basis having Zero-Day Vulnerability, according to a pastebin note. Note was posted on 25th Dec by Nikita Tarakanov, claiming that pgpwded.sys kernel driver distributed with Symante...

Zero-Day Vulnerability in Symantec PGP Whole Disk Encryption

Symantec product PGP Whole Disk Encryption which is used to encrypt all the contents on the disk on a block-by-block basis having Zero-Day Vulnerability, according to a pastebin note. Note was posted on 25th Dec by Nikita Tarakanov, claiming that pgpwded.sys kernel driver distributed with Symante...

CVE-2008-0870

BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 2, under certain circumstances, can redirect a user from the https:// URI for the Portal Administration Console to an http URI, which allows remote attackers to sniff the session...

OpenServer 5.0.6 OpenServer 5.0.7 : nwprint privilege escalation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SCO Security Advisory Subject: OpenServer 5.0.6 OpenServer 5.0.7 : nwprint privilege escalation Advisory number: SCOSA-2005.26 Issue date: 2005 May 25 Cross reference: sr893493 fz531721 erg712826 CAN-2005-0993 1. Problem Description Buffer overflow in...