109 matches found
PT-2026-24672
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.2.22 @openclaw/voice-call versions prior to 2026.2.22 Description OpenClaw and @openclaw/voice-call accept media-stream WebSocket upgrades before validating the stream, allowing unauthenticated clients to...
CVE-2026-21718
An authentication bypass vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, enabling any attackers to bypass the authentication requirement and achieve pre-authenticated code execution on the system...
CVE-2026-21718
An authentication bypass vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, enabling any attackers to bypass the authentication requirement and achieve pre-authenticated code execution on the system...
CVE-2026-21718
An authentication bypass vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, enabling any attackers to bypass the authentication requirement and achieve pre-authenticated code execution on the system...
CVE-2026-21718
CVE-2026-21718 affects Copeland XWEB Pro (pre-1.12.1). Multiple sources (NVD, Red Hat, EUVD) describe an authentication bypass that enables pre-authenticated code execution over the network. Theconsistent impact is high/critical (C:H/I:H/A:H) with network access and no privileges required. PT-202...
📄 Monsta FTP DownloadFile Remote Code Execution
This Metasploit module exploits a pre-authenticated remote code execution vulnerability in Monsta FTP versions prior to 2.11.3. The vulnerability exists in the downloadFile action which allows an attacker to connect to a malicious FTP or SFTP server and download arbitrary files to arbitrary...
EUVD-2019-5552
Malware in sbrugna...
EUVD-2022-28100
Malicious code in bioql PyPI...
EUVD-2025-23620
Malicious code in bioql PyPI...
StrongDM Client 安全漏洞
StrongDM Client is a client software from StrongDM, Inc. A security vulnerability exists in StrongDM Client that stems from insufficient protection of pre-authenticated tokens, which could lead to interception and reuse of tokens...
VulnCheck KEV: CVE-2025-54987
A vulnerability in Trend Micro Apex One on-premise management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is essentially the same as CVE-2025-54948 but targets a different CPU architecture...
CVE-2025-54987
A vulnerability in Trend Micro Apex One on-premise management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is essentially the same as CVE-2025-54948 but targets a different CPU architecture...
CVE-2025-54987
A vulnerability in Trend Micro Apex One on-premise management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is essentially the same as CVE-2025-54948 but targets a different CPU architecture...
CVE-2025-54987
A vulnerability in Trend Micro Apex One on-premise management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is essentially the same as CVE-2025-54948 but targets a different CPU architecture...
CVE-2025-54987
A vulnerability in Trend Micro Apex One on-premise management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is essentially the same as CVE-2025-54948 but targets a different CPU architecture...
CVE-2025-54987
A vulnerability in Trend Micro Apex One on-premise management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is essentially the same as CVE-2025-54948 but targets a different CPU architecture...
CVE-2025-54948
CVE-2025-54948 affects Trend Micro Apex One (on-premise) management console. The vulnerability is an OS command injection that could allow a pre-authenticated remote attacker to upload malicious code and execute commands. Exploitation details are supported by multiple sources in Connected documen...
Trend Micro Apex One 安全漏洞
Trend Micro Apex One is an endpoint protection software from Trend Micro. A security vulnerability exists in Trend Micro Apex One that originates from allowing a pre-authenticated remote attacker to upload malicious code and execute commands...
Trend Micro Apex One 安全漏洞
Trend Micro Apex One is an endpoint protection software from Trend Micro. A security vulnerability exists in Trend Micro Apex One that originates from allowing a pre-authenticated remote attacker to upload malicious code and execute commands...
Sophos Firewall 安全漏洞
Sophos Firewall is a firewall from Sophos UK. A security vulnerability exists in Sophos Firewall versions prior to 21.0.2, which stems from a command injection issue in WebAdmin that could lead to pre-authenticated code execution...