41 matches found
EUVD-2017-18563
Malware in sbrugna...
EUVD-2023-35536
Malicious code in bioql PyPI...
CVE-2025-52094
Insecure Permissions vulnerability in PDQ Smart Deploy V.3.0.2040 allows a local attacker to execute arbtirary code via the \HKLM\SYSTEM\Setup\SmartDeploy component...
CVE-2025-52095
An issue in PDQ Smart Deploy V.3.0.2040 allows an attacker to escalate privileges via the Credential encryption routines in SDCommon.dll...
CVE-2025-52094
Insecure Permissions vulnerability in PDQ Smart Deploy V.3.0.2040 allows a local attacker to execute arbtirary code via the \HKLM\SYSTEM\Setup\SmartDeploy component...
PDQ Smart Deploy 安全漏洞
PDQ Smart Deploy is a Windows device imaging and deployment software from PDQ Corporation. A security vulnerability exists in PDQ Smart Deploy version 3.0.2040, which stems from a flaw in the credential encryption routines in SDCommon.dll that could lead to elevation of privilege...
PDQ Smart Deploy 安全漏洞
PDQ Smart Deploy is a Windows device imaging and deployment software from PDQ Corporation. A security vulnerability exists in PDQ Smart Deploy version 3.0.2040, which stems from improper permissions on the HKLMSYSTEMSetupSmartDeploy component, and could lead to execution of arbitrary code by a...
CVE-2025-52095
An issue in PDQ Smart Deploy V.3.0.2040 allows an attacker to escalate privileges via the Credential encryption routines in SDCommon.dll...
CVE-2025-52095
Summary: PDQ Smart Deploy 3.0.2040 is affected by a privilege-escalation flaw in the credential encryption routines inside SDCommon.dll. Affected software/version: PDQ Smart Deploy, v3.0.2040. Root cause: flaw in the credential encryption routines in SDCommon.dll. Impact: attacker can escalate pr...
MAL-2025-13115 Malicious code in @zalastax/nolb-pdq (npm)
The package @zalastax/nolb-pdq was found to contain malicious code...
Malicious code in @zalastax/nolb-pdq (npm)
The package @zalastax/nolb-pdq was found to contain malicious code...
CVE-2023-31221
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Ransom Christofferson PDQ CSV plugin = 1.0.0 versions...
PDQ Deploy allows reuse of deleted credentials that can compromise a device and facilitate lateral movement
Overview PDQ Deploy is a service intended for usage by system administrators for the deployment of software or updates to targeted machines within their network. PDQ Deploy uses "run modes" to deploy software to their target devices. The run mode "Deploy User" insecurely creates credentials on th...
pdqfirewaterdamage.com Cross Site Scripting vulnerability OBB-3650935
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
PDQ CSV <= 1.0.0 - Admin+ Stored Cross-Site Scripting
Description The plugin does not sanitize and escape some fields in the plugin settings, which could allow high-privilege users such as an administrator to inject arbitrary web scripts even when the unfilteredhtml capability is disallowed for example in a multisite setup...
CVE-2023-31221
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Ransom Christofferson PDQ CSV plugin = 1.0.0 versions...
CVE-2023-31221
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Ransom Christofferson PDQ CSV plugin = 1.0.0 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Ransom Christofferson PDQ CSV plugin = 1.0.0 versions...
CVE-2023-31221 WordPress PDQ CSV Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Ransom Christofferson PDQ CSV plugin = 1.0.0 versions...
CVE-2023-31221 WordPress PDQ CSV Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Ransom Christofferson PDQ CSV plugin = 1.0.0 versions...