CVE-2019-11618

doorGets 7.0 has a default administrator credential vulnerability. A remote attacker can use this vulnerability to gain administrator privileges for the creation and modification of articles via an H0XZlT44FcN1j9LTdFc5XRXhlF30UaGe1g3cZY6i1K9 accesstoken in a uri=blog=index=blog action to...

EUVD-2018-3297

Malware in sbrugna...

EUVD-2018-19504

Malware in sbrugna...

EUVD-2015-4568

Malware in sbrugna...

EUVD-2021-23708

Malware in sbrugna...

EUVD-2024-40427

Malicious code in bioql PyPI...

EUVD-2024-15804

Malicious code in bioql PyPI...

EUVD-2025-10099

Malicious code in bioql PyPI...

CVE-2025-20261

A vulnerability in the SSH connection handling of Cisco Integrated Management Controller IMC for Cisco UCS B-Series, UCS C-Series, UCS S-Series, and UCS X-Series Servers could allow an authenticated, remote attacker to access internal services with elevated privileges. This vulnerability is due t...

PT-2025-23821 · Cisco · Cisco Imc

Name of the Vulnerable Software and Affected Versions: Cisco Integrated Management Controller IMC for Cisco UCS B-Series, UCS C-Series, UCS S-Series, and UCS X-Series Servers affected versions not specified Description: A vulnerability in the SSH connection handling could allow an authenticated,...

CVE-2022-21823

A insecure storage of sensitive information vulnerability exists in Ivanti Workspace Control 2021.2 10.7.30.0 that could allow an attacker with locally authenticated low privileges to obtain key information due to an unspecified attack vector...

CVE-2025-30014

SAP Capital Yield Tax Management has directory traversal vulnerability due to insufficient path validation. This could allow an attacker with low privileges to read files from directory which they don�t have access to, hence causing a high impact on confidentiality. Integrity and Availability are...

GHSA-C85W-X26Q-CH87 Formwork improperly validates input of User role preventing site and panel availability

Summary Improper validation of select fields allows attackers to craft an input that crashes the system, resulting in a 500 status and making the entire site and administration panel unavailable. This clearly impacts the Availability aspect of the CIA triad confidentiality, integrity, and...

The vulnerability of the CPCI85 and SICORE processor module control software from Siemens SICAM allows a hacker to execute arbitrary code.

The vulnerability of the CPCI85 and SICORE processor module management systems from Siemens SICAM lies in the lack of measures taken to clean data at the control level. Exploiting this vulnerability allows a remote attacker to execute arbitrary code with root privileges...

CVE-2023-4089 WAGO: Multiple products vulnerable to local file inclusion

On affected Wago products an remote attacker with administrative privileges can access files to which he has already access to through an undocumented local file inclusion. This access is logged in a different log file than expected...

GHSA-9XH4-WPX8-RG2W MoinMoin Improper Privilege Management

MoinMoin 1.2.2 and earlier could allow a remote attacker to gain elevated privileges, caused by an undisclosed Access Control List ACL vulnerability in the PageEditor...

Samsung Mobile Smart Manager Misconfiguration Vulnerability

Smart Manager is a feature on older devices running Android 6.0 and below from Samsung samsung in South Korea. A misconfiguration vulnerability exists in Samsung Mobile Smart Manager, which stems from an incorrect configuration in Smart Manager version 11.0.05.0 and prior versions. An attacker ca...

Arbitrary File Read Vulnerability in Ruijie EG Easy Gateway WEB Management System

Ruijie EasyGate is a multi-service integrated gateway product launched by Ruijie Networks to solve the current network egress problems. The WEB management system of Ruijie EG EasyGate has an arbitrary file reading vulnerability, which can be exploited by an attacker to log in a user with low...

JVN#88313872: ZIP with Pass vulnerable to directory traversal

ZIP with Pass provided by aokitaka contains an issue in processing file names, which may result in a directory traversal CWE-22 vulnerability. Impact A remote, unauthenticated attacker may create an arbitrary file or overwrite an existing file in a directory that the application has privileges to...

D-Link DIR-645 Router Authentication Bypass Vulnerability (Feb 2013) - Active Check

D-Link DIR-645 Router devices are prone to an authentication bypass vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only nb: Running...