11 matches found
UBUNTU-CVE-2025-8264
Versions of the package z-push/z-push-dev before 2.7.6 are vulnerable to SQL Injection due to unparameterized queries in the IMAP backend. An attacker can inject malicious commands by manipulating the username field in basic authentication. This allows the attacker to access and potentially modif...
Microweber Security Breach
Microweber is an online store management system with drag and drop functionality, developed by the Microweber community in the United States. The system includes modules for adding products, images, and more. A security vulnerability exists in Microweber versions prior to 2.0, which stems from th...
Jenkins Plugin Image Tag Parameter Trust Management Issue Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is a software application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is a software application. A security vulnerability...
bumsys SQL Injection Vulnerability
bumsys is an open source project, Business Management System, by unilogies individual developers. unilogies bumsys versions before v2.0.2 have a SQL injection vulnerability; the vulnerability stems from core/ajax/ajaxdata.php in the SQL injection...
Intel ON Event Series Security Vulnerability
Intel ON Event Series is a mobile application from Intel Corporation USA. A security vulnerability exists in Intel ON Event Series versions prior to 2.0 that stems from insufficiently protected credentials. An attacker could exploit the vulnerability to cause information disclosure...
SICK RFU61x Encryption Issue Vulnerability
The SICK RFU61x is the smallest read/write device in the SICK UHF portfolio from SICK. It is ideally suited for IoT applications directly on workpieces or components. A security vulnerability exists in the SICK RFU62x prior to version 2.21, which stems from if a user requests encryption with a we...
PYSEC-2022-296
Use of Cache Containing Sensitive Information in GitHub repository ikus060/rdiffweb prior to 2.4.8...
CVE-2019-16210
Brocade SANnav versions before v2.0 log the plain text database connection password while triggering support save...
DEBIAN-CVE-2018-9988
ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in ssl_parse_server_key_exchange() that could cause a crash on invalid input...
IKARUS anti.virus ntguard.sys driver arbitrary write vulnerability (CNVD-2017-37947)
IKARUS anti.virus is a set of antivirus software products from the Austrian company IKARUS Security Software. The ntguard.sys driver is one of its self-protection system drivers. The ntguard.sys driver in IKARUS anti.virus versions before 2.16.18 has an arbitrary write vulnerability, the...
CVE-2016-1139
Cross-site request forgery (CSRF) vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...