26 matches found
EUVD-1999-1186
Malware in sbrugna...
EUVD-2008-3071
Malware in sbrugna...
EUVD-2022-51625
Malicious code in bioql PyPI...
CVE-2025-8866
YugabyteDB Anywhere web server does not properly enforce authentication for the /metamaster/universe API endpoint. An unauthenticated attacker could exploit this flaw to obtain server networking configuration details, including private and public IP addresses and DNS records...
CVE-2025-8866
YugabyteDB Anywhere web server does not properly enforce authentication for the /metamaster/universe API endpoint. An unauthenticated attacker could exploit this flaw to obtain server networking configuration details, including private and public IP addresses and DNS records...
CVE-2025-8866
Summary: CVE-2025-8866 affects the YugabyteDB Anywhere web server, where the /metamaster/universe API endpoint does not properly enforce authentication. What’s affected: YugabyteDB Anywhere web server (specific versions not enumerated in provided documents). Root cause (as described): Authenticat...
PT-2025-32557 · Yugabyte · Yugabytedb Anywhere
Name of the Vulnerable Software and Affected Versions: YugabyteDB Anywhere affected versions not specified Description: The YugabyteDB Anywhere web server does not properly enforce authentication for the /metamaster/universe API endpoint. An unauthenticated attacker could exploit this flaw to...
Linux Distros Unpatched Vulnerability : CVE-2022-4269
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel Traffic Control TC subsystem. Using a specific networking configuration redirecting egress packets to ingress using TC acti...
CVE-2022-4269
A flaw was found in the Linux kernel Traffic Control TC subsystem. Using a specific networking configuration redirecting egress packets to ingress using TC action "mirred" a local unprivileged user could trigger a CPU soft lockup ABBA deadlock when the transport protocol in use TCP or SCTP does a...
CVE-2022-4269
A flaw was found in the Linux kernel Traffic Control TC subsystem. Using a specific networking configuration redirecting egress packets to ingress using TC action "mirred" a local unprivileged user could trigger a CPU soft lockup ABBA deadlock when the transport protocol in use TCP or SCTP does a...
PT-2022-6279 · Linux +8 · Linux Kernel +8
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw was found in the Linux kernel Traffic Control TC subsystem. Using a specific networking configuration, such as redirecting egress packets to ingress using TC action "mirred", a...
CVE-2019-13022
Bond JetSelect all versions has an issue in the Java class ENCtool.jar and corresponding password generation algorithm used to set initial passwords upon first installation. It XORs the plaintext into the 'encrypted' password that is then stored within the database. These steps are able to be...
CVE-2017-12945
Insufficient validation of user-supplied input for the Solstice Pod before 2.8.4 networking configuration enables authenticated attackers to execute arbitrary commands as root...
CVE-2017-12945
Insufficient validation of user-supplied input for the Solstice Pod before 2.8.4 networking configuration enables authenticated attackers to execute arbitrary commands as root...
Input validation
Insufficient validation of user-supplied input for the Solstice Pod before 2.8.4 networking configuration enables authenticated attackers to execute arbitrary commands as root...
CVE-2017-12945
CVE-2017-12945 affects Mersive Solstice devices running firmware prior to 2.8.4. The issue is insufficient validation of user-supplied input during networking configuration, enabling an authenticated attacker to execute arbitrary commands as root via an OS command injection path. Public reference...
Design/Logic Flaw
A vulnerability in the administrative shell of Cisco AsyncOS on Cisco Email Security Appliance ESA and Content Security Management Appliance SMA could allow an authenticated, local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential wi...
CVE-2018-0095
A vulnerability in the administrative shell of Cisco AsyncOS on Cisco Email Security Appliance ESA and Content Security Management Appliance SMA could allow an authenticated, local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential wi...
CVE-2018-0095
A vulnerability in the administrative shell of Cisco AsyncOS on Cisco Email Security Appliance ESA and Content Security Management Appliance SMA could allow an authenticated, local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential wi...
CVE-2018-0095
A vulnerability in the administrative shell of Cisco AsyncOS on Cisco Email Security Appliance ESA and Content Security Management Appliance SMA could allow an authenticated, local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential wi...