CVE-2025-54852

A reflected cross-site scripting xss vulnerability exists in the modifyAeTitle functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...

EUVD-2020-3127

Malware in sbrugna...

Design/Logic Flaw

An insecure modification flaw in the /etc/kubernetes/kubeconfig file was found in OpenShift. This flaw allows an attacker with access to a running container which mounts /etc/kubernetes or has local access to the node, to copy this kubeconfig file and attempt to add their own node to the OpenShif...

containers/openjdk: /etc/passwd is given incorrect privileges

An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11 containers. This flaw allows an attacker with access to the container to modify /etc/passwd and escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity,...

containers/openjdk: /etc/passwd is given incorrect privileges

An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11 containers. This flaw allows an attacker with access to the container to modify /etc/passwd and escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity,...

Smartwin Technology CyberOffice Shopping Cart 2.0 - Price Modification

source: https://www.securityfocus.com/bid/1733/info Smartwin Technology CyberOffice Shopping Cart is a shopping cart application for e-commerce enabled websites running Windows NT 4.0 or 2000. The order form CyberOffice Shopping Cart utilizes can be easily modified by downloading the form locally...