27 matches found

CNNVD
added 2026/03/24 12:0 a.m. | 3 views

Galaxy Software Services Vitals ESP security vulnerability

Galaxy Software Services Vitals ESP is an office knowledge management system developed by Galaxy Software Services. There is a security vulnerability in Galaxy Software Services Vitals ESP, which stems from improper authorization. This vulnerability could allow authenticated remote attackers to...

8.8 CVSS | 5.9 AI score | 0.00154 EPSS
Exploits 0 | References 2

CNNVD
added 2026/01/30 12:0 a.m. | 0 views

Interinfo DreamMaker security vulnerabilities

Interinfo DreamMaker is an application developed by Interinfo Corporation. Versions of Interinfo DreamMaker prior to October 22, 2025, contained security vulnerabilities. These vulnerabilities stemmed from the lack of authentication for the /servlet/baServer3 endpoint, which could allow...

9.3 CVSS | 5.8 AI score | 0.00441 EPSS
Exploits 0 | References 1

NVD
added 2025/12/09 4:17 p.m. | 15 views

CVE-2025-41693

A low privileged remote attacker can use the ssh feature to execute commands directly after login. The process stays open and uses resources which leads to a reduced performance of the management functions. Switching functionality is not affected...

4.3 CVSS | 0.00293 EPSS
Exploits 0 | References 1

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2018-7264

Malware in sbrugna...

9.8 CVSS | 9.2 AI score | 0.00245 EPSS
Exploits 0 | References 3

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2015-1330

Malware in sbrugna...

7.5 CVSS | 6.4 AI score | 0.00247 EPSS
Exploits 0 | References 2

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2014-0394

Malware in sbrugna...

7.9 CVSS | 6.4 AI score | 0.00697 EPSS
Exploits 0 | References 2

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2024-51879

Malicious code in bioql PyPI...

5.5 CVSS | 7.3 AI score | 0.0001 EPSS
Exploits 0 | References 5

OSV
added 2025/08/10 10:15 a.m. | 2 views

CVE-2025-8803

A vulnerability has been found in Open5GS up to 2.7.5. Affected is the function gmmstatederegistered/gmmstateexception of the file src/amf/gmm-sm.c of the component AMF. The manipulation leads to denial of service. It is possible to launch the attack remotely. Upgrading to version 2.7.6 is able t...

7.5 CVSS | 5.2 AI score
Exploits 0 | References 8

RedhatCVE
added 2025/05/23 10:27 a.m. | 2 views

CVE-2024-40531

A mass assignment vulnerability exists in Pantera CRM versions 401.152 and 402.072. This flaw allows authenticated users to modify any user attribute, including roles, by injecting additional parameters via profile management functions...

8.8 CVSS | 6.5 AI score | 0.00326 EPSS
Exploits 0

RedhatCVE
added 2025/05/22 6:47 a.m. | 4 views

CVE-2018-17179

An issue was discovered in OpenEMR before 5.0.1 Patch 7. There is SQL Injection in the maketask function in /interface/forms/eyemag/php/taskmanfunctions.php via /interface/forms/eyemag/taskman.php...

9.8 CVSS | 8.1 AI score | 0.11666 EPSS
Exploits 2 | References 1

NVD
added 2025/01/28 10:15 a.m. | 12 views

CVE-2025-0750

A vulnerability was found in CRI-O. A path traversal issue in the log management functions UnMountPodLogs and LinkContainerLogs may allow an attacker with permissions to create and delete Pods to unmount arbitrary host paths, leading to node-level denial of service by unmounting critical system...

6.6 CVSS | 0.00054 EPSS
Exploits 0 | References 3

RedhatCVE
added 2025/01/27 2:23 p.m. | 6 views

CVE-2025-0750

A vulnerability was found in CRI-O. A path traversal issue in the log management functions UnMountPodLogs and LinkContainerLogs may allow an attacker with permissions to create and delete Pods to unmount arbitrary host paths, leading to node-level denial of service by unmounting critical system...

6.6 CVSS | 7 AI score | 0.00054 EPSS
Exploits 0 | References 3

Vulnrichment
added 2025/01/21 7:21 p.m. | 13 views

CVE-2025-24024 Mjolnir v1.9.0 accepts commands from any room

Mjolnir is a moderation tool for Matrix. Mjolnir v1.9.0 responds to management commands from any room the bot is member of. This can allow users who aren't operators of the bot to use the bot's functions, including server administration components if enabled. Version 1.9.1 reverts the feature tha...

9.1 CVSS | 9.4 AI score | 0.00231 EPSS
Exploits 0 | References 3

NVD
added 2021/07/19 12:15 p.m. | 9 views

CVE-2021-35964

The management page of the Orca HCM digital learning platform does not perform identity verification, which allows remote attackers to execute the management function without logging in, access members’ information, modify and delete the courses in system, thus causing users fail to access the...

9.8 CVSS | 0.00692 EPSS
Exploits 0 | References 2

Positive Technologies
added 2021/07/19 12:0 a.m. | 2 views

PT-2021-21084 · Orca Hcm · Orca Hcm

Name of the Vulnerable Software and Affected Versions: Orca HCM digital learning platform (affected versions not specified). Description: The management page of the Orca HCM digital learning platform does not perform identity verification, allowing remote attackers to execute management functions...

9.8 CVSS | 9.4 AI score | 0.00692 EPSS
Exploits 0 | References 5

RedHat Linux
added 2019/07/30 7:50 p.m. | 1 views

nss: NULL pointer dereference in several CMS functions resulting in a denial of service

In Network Security Services NSS before 3.36.7 and before 3.41.1, a malformed signature can cause a crash due to a null dereference, resulting in a Denial of Service...

6.5 CVSS | 6.8 AI score | 0.00434 EPSS
Exploits 0 | References 5

NVD
added 2019/03/26 4:29 p.m. | 11 views

CVE-2014-5431

Baxter SIGMA Spectrum Infusion System version 6.05 model 35700BAX with wireless battery module WBM version 16 contains a hard-coded password, which provides access to basic biomedical information, limited device settings, and network configuration of the WBM, if connected. The hard-coded password...

6.8 CVSS | 7.3 AI score | 0.00053 EPSS
Exploits 0 | References 1

OSV
added 2018/10/05 2:29 p.m. | 1 views

CVE-2018-15386

A vulnerability in Cisco Digital Network Architecture DNA Center could allow an unauthenticated, remote attacker to bypass authentication and have direct unauthorized access to critical management functions. The vulnerability is due to an insecure default configuration of the affected system. An...

9.8 CVSS | 5.8 AI score
Exploits 0 | References 2

Prion
added 2018/10/05 2:29 p.m. | 15 views

Authentication flaw

A vulnerability in Cisco Digital Network Architecture DNA Center could allow an unauthenticated, remote attacker to bypass authentication and have direct unauthorized access to critical management functions. The vulnerability is due to an insecure default configuration of the affected system. An...

7.5 CVSS | 9.5 AI score | 0.00245 EPSS
Exploits 0 | References 2 | Affected Software 1

NVD
added 2015/05/20 6:59 p.m. | 9 views

CVE-2015-1188

The certificate verification functions in the HNDS service in Swisscom Centro Grande ADB DSL routers with firmware before 6.14.00 allows remote attackers to access the management functions via unknown vectors...

7.5 CVSS | 6.7 AI score | 0.00247 EPSS
Exploits 0 | References 1