43 matches found
BeyondTrust Privilege Management for Windows <= 25.7 Anti-Tamper Bypass (BT26-01)
The version of BeyondTrust Privilege Management for Windows installed on the remote host is prior to 25.8. It is, therefore, affected by a vulnerability as referenced in the BT26-01 advisory. - Under certain conditions, a local authenticated user with elevated privileges may be able to bypass the...
CVE-2023-40817
OpenCRX version 5.2.0 is vulnerable to HTML injection via the Product Configuration Name Field...
CVE-2025-4952
CVE-2025-4952 involves tampering with registry entries that could prevent ESET security products for Windows from starting on the next system startup or allow unauthorized changes to the product configuration. Connected documents corroborate the registry-tampering theme affecting ESET products, b...
Grupo Castilla Epsilon RH 安全漏洞
Grupo Castilla Epsilon RH is a human resource management software from the Spanish company Grupo Castilla. A security vulnerability exists in Grupo Castilla Epsilon RH that stems from a failure to path... /epsilonnet/License/About.aspx to enforce access control, which could lead an attacker to...
EUVD-2012-6293
Malware in sbrugna...
EUVD-2025-10422
Malicious code in bioql PyPI...
EUVD-2023-2934
Malicious code in bioql PyPI...
EUVD-2024-39399
Malicious code in bioql PyPI...
CVE-2025-29870
Missing authentication for critical function vulnerability exists in Wi-Fi AP UNIT 'AC-WPS-11ac series'. If exploited, a remote unauthenticated attacker may obtain the product configuration information including authentication information...
CVE-2024-42022
An incorrect permission assignment vulnerability allows an attacker to modify product configuration files...
CVE-2024-42022
An incorrect permission assignment vulnerability allows an attacker to modify product configuration files...
CVE-2024-42022
An incorrect permission assignment vulnerability allows an attacker to modify product configuration files...
Cross Site Scripting (XSS)
org.opencrx: opencrx-core-models is vulnerable to HTML Injection. The vulnerability is due to a lack of proper input sanitization in the Product Configuration Name Field. This allows an attacker to inject malicious HTML into the application...
Cross-site Scripting in OpenCRX
OpenCRX version 5.2.0 is vulnerable to HTML injection via the Product Configuration Name Field...
CVE-2023-40817
OpenCRX version 5.2.0 is vulnerable to HTML injection via the Product Configuration Name Field...
CVE-2023-40817
OpenCRX version 5.2.0 is vulnerable to HTML injection via the Product Configuration Name Field...
CVE-2023-40817
OpenCRX version 5.2.0 is vulnerable to HTML injection via the Product Configuration Name Field...
Design/Logic Flaw
OpenCRX version 5.2.0 is vulnerable to HTML injection via the Product Configuration Name Field...
OpenCRX Security Vulnerabilities
openCRX is an open source Crm software. A security vulnerability exists in OpenCRX version 5.2.0, which originated from a vulnerability that allows attackers to perform HTML injection attacks via the Product Configuration Name field...
PT-2023-27654 · Opencrx · Opencrx
Name of the Vulnerable Software and Affected Versions: OpenCRX version 5.2.0 Description: The issue allows for HTML injection via the Product Configuration Name Field. Recommendations: For OpenCRX version 5.2.0, update to a version that fixes this issue, if available. As a temporary workaround,...