21 matches found
EUVD-2014-8419
Malware in sbrugna...
EUVD-2022-30407
Malicious code in bioql PyPI...
EUVD-2022-27316
Malicious code in bioql PyPI...
EUVD-2023-34733
Malicious code in bioql PyPI...
Microsoft Teams Elevation of Privilege Vulnerability
Improper handling of insufficient permissions or privileges in Microsoft Teams allows an authorized attacker to elevate privileges over a network...
K000152313: shadow-utils vulnerability CVE-2024-56433
Security Advisory Description: shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to...
Moderate: Red Hat Security Advisory: git-lfs security update
An update for git-lfs is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
Windows Shortcut Files Security Feature Bypass Vulnerability
Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network...
CVE-2022-25755
A vulnerability has been identified in SCALANCE X302-7 EEC 230V, SCALANCE X302-7 EEC 230V, coated, SCALANCE X302-7 EEC 24V, SCALANCE X302-7 EEC 24V, coated, SCALANCE X302-7 EEC 2x 230V, SCALANCE X302-7 EEC 2x 230V, coated, SCALANCE X302-7 EEC 2x 24V, SCALANCE X302-7 EEC 2x 24V, coated, SCALANCE...
CVE-2021-45104
An issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1. An attacker who can capture HTCondor network data can interfere with users' jobs and data...
CVE-2025-1400 Out-of-bounds Read in libplctag library
Out-of-bounds Read vulnerability in unpackresponse conn.c in libplctag from 2.0 through 2.6.3 allows Overread Buffers via network...
Azure ML Compute Elevation of Privilege Vulnerability
Improper authorization in Azure allows an authorized attacker to elevate privileges over a network...
CVE-2025-28143
CVE-2025-28143 affects Edimax BR-6478AC (BR-6478AC, V3_1.0.15) with a command injection via the groupname parameter on the /boafrm/formDiskCreateGroup API. Root cause: insufficient input filtering of groupname leading to arbitrary command execution. Documented impact: arbitrary command execution;...
CVE-2025-27472
CVE-2025-27472 corresponds to a Windows Mark of the Web (MOTW) security feature bypass. The initial description notes a protection mechanism failure that allows bypass over a network. Connected documents identify this CVE as an issue tracked by Microsoft with an official MSRC entry (MSRC CVE-2025...
PT-2024-36358
Name of the Vulnerable Software and Affected Versions: macOS Sequoia versions prior to 15.2; iOS versions prior to 18.2; iPadOS versions prior to 18.2 and prior to 17.7.3; visionOS versions prior to 2.2. Description: The issue was addressed by using HTTPS when sending information over the network. An...
CVE-2024-36080
Westermo EDW-100 devices through 2024-05-03 have a hidden root user account with a hardcoded password that cannot be changed. NOTE: this is a serial-to-Ethernet converter that should not be placed at the edge of the network...
Juniper Networks Junos OS Code Issue Vulnerability
Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. Juniper Networks Junos OS is vulnerable to a code issue that could allow an unauthenticated network-based...
Suricata Buffer Error Vulnerability
Suricata is a network intrusion detection system (IDS), intrusion prevention system (IPS), and network security monitoring engine developed by the Open Information Security Foundation (OISF) and its supporting vendors, which supports multi-threading, built-in IPv6, and the ability to load pre-defined...
Weak Password Vulnerability in NetSense SecADS 3600 Application Delivery System
NetShen SecADS 3600 Application Delivery System is a product launched for customers in industries such as government, enterprises, education, carriers, and IDC data centers, which is able to solve the problems caused by insufficient server processing power, WAN link bandwidth unable to meet...
CVE-2013-4135
The vos command in OpenAFS 1.6.x before 1.6.5, when using the -encrypt option, only enables integrity protection and sends data in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network...