EUVD-2024-49412

Malicious code in bioql PyPI...

Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0

Summary A SQL Injection vulnerability has been found in Nozomi Networks Guardian and CMC, due to improper input validation in certain parameters used in the Query functionality. Impact Authenticated users may be able to execute arbitrary SQL statements on the DBMS used by the web application...

CVE-2022-24289

Hessian serialization is a network protocol that supports object-based transmission. Apache Cayenne's optional Remote Object Persistence ROP feature is a web services-based technology that provides object persistence and query functionality to 'remote' applications. In Apache Cayenne 4.1 and...

Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2021-1973)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ManageEngine OpManager Remote Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'ManageEngine OpManager Remote Code Execution', 'Description' = %q This module exploits a default credential vulnerability in...

ManageEngine OpManager Remote Code Execution

This module exploits a default credential vulnerability in ManageEngine OpManager, where a default hidden account "IntegrationUser" with administrator privileges exists. The account has a default password of "plugin" which cannot be reset through the user interface. By log-in and abusing the...