32 matches found
EUVD-2016-5847
Malware in sbrugna...
EUVD-2016-8650
Malware in sbrugna...
EUVD-2014-2041
Malware in sbrugna...
PT-2025-26494 · Totolink · Totolink N300Rt
Name of the Vulnerable Software and Affected Versions: TOTOLINK N300RH version 6.1c.1390 B20191101 Description: A critical issue was found in the HTTP POST Message Handler of the TOTOLINK N300RH, affecting some unknown functionality of the file /boafrm/formPortFw. The manipulation of the service...
CVE-2012-5155
Google Chrome before 24.0.1312.52 on Mac OS X does not use an appropriate sandboxing approach for worker processes, which makes it easier for remote attackers to bypass intended access restrictions via unspecified vectors...
PT-2025-17345
Name of the Vulnerable Software and Affected Versions: DaiCuo version 1.3.13 Description: A vulnerability was found in the SEO Optimization Settings Section component, which can lead to cross-site scripting. The attack may be launched remotely. Recommendations: For DaiCuo version 1.3.13, consider...
PT-2025-15417 · Dell · Dell Common Event Enabler
Name of the Vulnerable Software and Affected Versions: Dell Common Event Enabler version 9.0.0.0 Description: The issue is related to an Initialization of a Resource with an Insecure Default vulnerability in the Common Anti-Virus Agent CAVA of the Dell Common Event Enabler. This could allow an...
PT-2024-17176 · Unknown · Cph2 Echarge Firmware
Name of the Vulnerable Software and Affected Versions: cph2 echarge firmware versions through 2.0.4 Description: The issue affects devices that communicate with the eCharge cloud infrastructure over an insecure channel, as peer verification is disabled. This allows remote unauthenticated users,...
PT-2024-31142 · Tenda · Tenda Fh1206
Name of the Vulnerable Software and Affected Versions: Tenda FH1206 version V1.2.0.88155 EN Description: The issue is a Buffer Overflow vulnerability via the function fromSetIpBind. This vulnerability can lead to remote code execution RCE. There is no information about the estimated number of...
CVE-2021-29215
A potential security vulnerability in HPE Ezmeral Data Fabric that may allow a remote access restriction bypass in the TEZ MapR ecosystem component was discovered in versions: Prior to Tez-0.8: mapr-tez-0.8.201907081100-1.noarch; prior to Tez-0.9: mapr-tez-0.9.201907090334-1.noarch; prior to...
Design/Logic Flaw
A potential security vulnerability in HPE Ezmeral Data Fabric that may allow a remote access restriction bypass in the TEZ MapR ecosystem component was discovered in versions: Prior to Tez-0.8: mapr-tez-0.8.201907081100-1.noarch; prior to Tez-0.9: mapr-tez-0.9.201907090334-1.noarch; prior to...
Security Bulletin: IBM Security Privileged Identity Manager is affected by security vulnerabilities (CVE-2019-12450)
Summary: IBM Security Privileged Identity Manager has addressed an issue for glib2 as follows. Vulnerability Details: CVEID: CVE-2019-12450 DESCRIPTION: GNOME GLib could allow a remote attacker to bypass security restrictions, caused by improper permission control in the file_copy_fallback in...
Design/Logic Flaw
Calsos CSDJ CSDJ-B 01.08.00 and earlier, CSDJ-H 01.08.00 and earlier, CSDJ-D 01.08.00 and earlier, and CSDJ-A 03.08.00 and earlier allows remote attackers to bypass access restriction and to obtain unauthorized historical data without access privileges via unspecified vectors...
CVE-2019-12000
HPE has found a potential Remote Access Restriction Bypass in HPE MSE Msg Gw application E-LTU prior to version 3.2 when HTTPS is used between the USSD and an external USSD service logic application. Update to version 3.2 and update the HTTPS configuration as described in the HPE MSE Messaging...
Design/Logic Flaw
HPE has found a potential Remote Access Restriction Bypass in HPE MSE Msg Gw application E-LTU prior to version 3.2 when HTTPS is used between the USSD and an external USSD service logic application. Update to version 3.2 and update the HTTPS configuration as described in the HPE MSE Messaging...
CVE-2019-12000
CVE-2019-12000 relates to the HPE MSE Msg Gw application E-LTU prior to version 3.2, where a potential Remote Access Restriction Bypass exists when HTTPS is used between the USSD and an external USSD service logic application. Affected component: HPE MSE Messaging Gateway (E-LTU); root cause: ins...
Red Hat JBoss Application Server (AS) Console and Web Management Misconfiguration Vulnerability - Active Check
The default configuration of Red Hat JBoss Application Server AS does not restrict access to the console and web management interfaces, which allows remote attackers to bypass authentication and gain administrative access via direct requests. SPDX-FileCopyrightText: 2019 Greenbone AG Some text...
CVE-2019-5944
CVE-2019-5944 affects Cybozu Garoon 4.0.0 to 4.10.1. A remote authenticated attacker can bypass access restrictions and alter contents of the application “Address” without modify privileges via the application “Address.” Multiple sources corroborate the issue as a privilege/access-control flaw en...
EulerOS Virtualization 2.5.4 : openssh (EulerOS-SA-2019-1235)
According to the version of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or a...