54 matches found
EUVD-2016-5163
Malware in sbrugna...
EUVD-2013-1409
Malware in sbrugna...
CVE-2025-30748
...
sudo: LPE via host option
A privilege escalation vulnerability was found in Sudo. In certain configurations, unauthorized users can gain elevated system privileges via the Sudo host option -h or --host. When using the default sudo security policy plugin sudoers, the host option is intended to be used in conjunction with t...
CVE-2025-30723
CVE-2025-30723 affects Oracle BI Publisher (XML Services) in Oracle Analytics for versions 7.6.0.0.0 and 12.2.1.4.0. The issue allows a low-privileged attacker with network access via HTTP to perform unauthorized updates/inserts/deletes on Oracle BI Publisher data and may enable partial denial of...
Linux Distros Unpatched Vulnerability : CVE-2020-25705
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively...
CVE-2023-49312
Precision Bridge PrecisionBridge.exe aka the thick client before 7.3.21 allows an integrity violation in which the same license key is used on multiple systems, via vectors involving a Process Hacker memory dump, error message inspection, and modification of a MAC address...
CVE-2023-49312
Precision Bridge PrecisionBridge.exe aka the thick client before 7.3.21 allows an integrity violation in which the same license key is used on multiple systems, via vectors involving a Process Hacker memory dump, error message inspection, and modification of a MAC address...
CVE-2023-49312
CVE-2023-49312 affects Precision Bridge's Thick Client (PrecisionBridge.exe) prior to version 7.3.21. The root cause is an integrity violation that enables reuse of the same license key across multiple systems. Reported attack vectors involve a Process Hacker memory dump, inspecting error message...
Weak Password Vulnerability in Multiple Systems of Beijing Shuo Ren Times Technology Co.
Beijing Shuoren Times Technology Co., Ltd. is one of the leading high-tech enterprises in the heating industry. Beijing Shuoren Times Technology Co., Ltd. multiple systems exist weak password vulnerability, attackers can use the vulnerability to obtain sensitive information...
SQL Injection Vulnerabilities in Multiple Systems of Guiyang Concentric Software Technology Co.
Guiyang Concentric Software Technology Co., Ltd. was established in January 2002. The company's business scope includes: computer software development and sales, computer accessories, communication equipment and so on. Guiyang Concentric Software Technology Co., Ltd. has SQL injection...
SQL Injection Vulnerabilities in Multiple Systems of Zhenjiang Mingrun Information Technology Co.
Zhenjiang Mingrun Information Technology Co., Ltd. is an enterprise of automation control software design and ship electrical equipment production. Zhenjiang Mingrun Information Technology Co., Ltd. has SQL injection vulnerabilities in several systems, which can be exploited by attackers to obtai...
metasploit-framework
This is an offensive tool for Metasploit Framework. It is a collection of modules and tools for exploiting vulnerabilities in various systems and applications. The repository contains a wide range of modules, including exploits, payloads, and post-exploitation tools. The primary target of this to...
File Upload Vulnerability in Multiple Systems of Anhui KU Aorui Technology Co.
Ltd. is a company dedicated to the development of teaching and management software for universities and colleges, the development of experimental instruments, and the provision of management overall design and solutions for teaching and research institutions. A file upload vulnerability exists in...
Unauthorized Access Vulnerability in Multiple Systems of Sichuan Zhonghe Network Technology Co.
Ltd. is a leading medical education solution provider in China. An unauthorized access vulnerability exists in multiple systems of Sichuan Zhonghe Network Technology Co. Ltd, which can be exploited by attackers to obtain sensitive information...
Microsoft Windows GDI Component CVE-2019-1465 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...
Microsoft Windows CVE-2019-1215 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges on the system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems...
Microsoft Windows Graphics Component CVE-2019-1148 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Office 2019 for Mac Microsoft Windows 10 Version 1607 for 32-bit Systems...
Microsoft Windows AppX Deployment Service CVE-2019-1129 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the system. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit...
Microsoft Windows GDI Component CVE-2019-0774 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...