EUVD-2011-0553

Malware in sbrugna...

EUVD-2008-0008

Malware in sbrugna...

EUVD-2020-4743

Malware in sbrugna...

CVE-2023-35938 User access not updated with privilege change in Tuleap

Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. When switching from a project visibility that allows restricted users to Private without restricted, restricted users that are project administrators keep this access right. Restricted users tha...

CVE-2023-35938 User access not updated with privilege change in Tuleap

Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. When switching from a project visibility that allows restricted users to Private without restricted, restricted users that are project administrators keep this access right. Restricted users tha...

Dell PowerPath Management Appliance 跨站请求伪造漏洞

The Dell PowerPath Management Appliance is a PowerPath host management application from Dell Inc. that offers two models: a virtual machine-based appliance and a Docker containerized appliance. The Dell PowerPath Management Appliance suffers from a cross-site request forgery vulnerability that ca...

CVE-2022-41644

Delta Electronics InfraSuite Device Master versions 00.00.01a and prior lacks authentication for a function that changes group privileges. An attacker could use this to create a denial-of-service state or escalate their own privileges...

GHSA-V2WF-C3J6-WPVW Session fixation

Impact The use of Plug.Session in Pow.Plug.Session is susceptible to session fixation attacks if a persistent session store is used for Plug.Session, such as Redis or a database. Cookie store, which is used in most Phoenix apps, doesn't have this vulnerability. Workarounds Call...

Star Computer Star Practice Management Web 跨站请求伪造漏洞

Star Computer Star Practice Management Web is a web service used for time-based billing by Star Computer UK.A cross-site request forgery vulnerability exists in Star Practice Management Web version 2019.2.0.6, which could be exploited by an attacker to The vulnerability can be exploited to change...

CVE-2020-12431

A Windows privilege change issue was discovered in Splashtop Software Updater before 1.5.6.16. Insecure permissions on the configuration file and named pipe allow for local privilege escalation to NT AUTHORITY/SYSTEM, by forcing a permission change to any Splashtop files and directories, with...

CVE-2020-12431

A Windows privilege change issue was discovered in Splashtop Software Updater before 1.5.6.16. Insecure permissions on the configuration file and named pipe allow for local privilege escalation to NT AUTHORITY/SYSTEM, by forcing a permission change to any Splashtop files and directories, with...

CVE-2020-12431

The CVE-2020-12431 entry describes a Windows local privilege escalation in Splashtop Software Updater (before 1.5.6.16) due to insecure permissions on the updater’s configuration file and a named pipe, enabling a forced permission change of Splashtop files/directories and DLL hijacking to achieve...

CVE-2019-0389

An administrator of SAP NetWeaver Application Server Java J2EE-Framework, corrected in versions 7.1, 7.2, 7.3, 7.31, 7.4, 7.5, may change privileges for all or some functions in Java Server, and enable users to execute functions, they are not allowed to execute otherwise...