EUVD-2022-37038

Malicious code in bioql PyPI...

EUVD-2022-37039

Malicious code in bioql PyPI...

CVE-2022-34006

An issue was discovered in TitanFTP aka Titan FTP NextGen before 1.2.1050. When installing, Microsoft SQL Express 2019 installs by default with an SQL instance running as SYSTEM with BUILTIN\Users as sysadmin, thus enabling unprivileged Windows users to execute commands locally as NT...

CVE-2022-34005

An issue was discovered in TitanFTP aka Titan FTP NextGen before 1.2.1050. There is Remote Code Execution due to a hardcoded password for the sa account on the Microsoft SQL Express 2019 instance installed by default during TitanFTP NextGen installation, aka NX-I674 sub-issue 1. NOTE: as of...

SA-2023-12-19-CVE-2023-39336

SECURITY ADVISORY 2023-12-19 Product Affected: Ivanti Endpoint Manager A vulnerability was recently discovered for EPM 2022 SU4 and all prior versions. More information can be found here: CVE-2023-39336 Full details Please log into the community to access the full details page. Vulnerability...

CVE-2022-34006

An issue was discovered in TitanFTP aka Titan FTP NextGen before 1.2.1050. When installing, Microsoft SQL Express 2019 installs by default with an SQL instance running as SYSTEM with BUILTIN\Users as sysadmin, thus enabling unprivileged Windows users to execute commands locally as NT...

Remote code execution

An issue was discovered in TitanFTP aka Titan FTP NextGen before 1.2.1050. There is Remote Code Execution due to a hardcoded password for the sa account on the Microsoft SQL Express 2019 instance installed by default during TitanFTP NextGen installation, aka NX-I674 sub-issue 1. NOTE: as of...

CVE-2022-34006

Titan FTP Server NextGen (pre-1.2.1050) is affected by a flaw in the installation of Microsoft SQL Express 2019 where the SQL instance runs as SYSTEM with BUILTIN\Users as sysadmin. This configuration can allow an unprivileged Windows user to execute commands locally as NT AUTHORITY\SYSTEM (NX-I6...