
192 matches found

RedhatCVE
added 2 days ago · 8 views

CVE-2026-5516

IBM WebSphere Application Server - Liberty 22.0.0.11 through 26.0.0.5 IBM WebSphere Application Server Liberty could allow a remote attacker to bypass security under limited conditions by exploiting a specific timing window...

CVSS 5.9 · AI score 5.8 · EPSS 0.00044
Exploits: 0 · References: 1

Zero Day Initiative
added 2026/03/16 12:0 a.m. · 5 views

(Pwn2Own) Samsung Galaxy S25 Samsung Members Security Feature Bypass Vulnerability

This vulnerability allows remote attackers to bypass a security feature on affected installations of Samsung Galaxy S25. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Samsung Members application. The issue results from the exposure of a resource...

CVSS 5.4 · AI score 5.9 · EPSS 0.00053
Exploits: 0 · References: 1

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2015-7194

Malware in sbrugna...

CVSS 7.5 · AI score 7.6 · EPSS 0.00349
Exploits: 0 · References: 4

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2016-8403

Malware in sbrugna...

CVSS 7.5 · AI score 7.5 · EPSS 0.00122
Exploits: 0 · References: 2

CNNVD
added 2025/07/18 12:0 a.m. · 1 views

Fortinet FortiIsolator Access Control Error Vulnerability

Fortinet FortiIsolator is a Fortinet application that provides remote security isolation for browsers. The application adds additional advanced threat protection capabilities to the Fortinet Security Fabric and protects business-critical data from sophisticated threats on the Web. Content and fil...

CVSS 4.3 · AI score 6.8 · EPSS 0.0007
Exploits: 0 · References: 2

NVD
added 2025/07/09 1:15 p.m. · 4 views

CVE-2025-6514

mcp-remote is exposed to OS command injection when connecting to untrusted MCP servers due to crafted input from the authorization_endpoint response URL...

CVSS 9.6 · EPSS 0.12174
Exploits: 0 · References: 3

Cvelist
added 2025/06/09 2:0 p.m. · 11 views

CVE-2025-5881 code-projects Chat System confirm_password.php sql injection

A vulnerability was found in code-projects Chat System up to 1.0 and classified as critical. This issue affects some unknown processing of the file /user/confirm_password.php. The manipulation of the argument cid leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVSS 6.5 · EPSS 0.00197
Exploits: 1 · References: 5

OpenVAS
added 2025/05/22 12:0 a.m. · 5 views

openSUSE Security Advisory (SUSE-SU-2025:1572-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 · AI score 4.5 · EPSS 0.00085
Exploits: 0 · References: 7

CNNVD
added 2025/04/08 12:0 a.m. · 2 views

Fortinet FortiIsolator OS Command Injection Vulnerability

Fortinet FortiIsolator is a Fortinet application that provides remote security isolation capabilities for browsers. The application adds additional advanced threat protection capabilities to the Fortinet Security Fabric and protects critical business data from sophisticated threats on the Web...

CVSS 7.2 · AI score 7.5 · EPSS 0.00366
Exploits: 0 · References: 3

IBM Security Bulletins
added 2025/03/10 3:3 p.m. · 5 views

Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to remote security bypass due to Node.js package

Summary: Node.js is used by the DataStage on Cloud Pak for Data ds-canvas service as part of JavaScript processing. Vulnerability Details: CVEID: CVE-2023-39331. DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by a path traversal bypass when verifying file...

CVSS 7.7 · AI score 7.7 · EPSS 0.00657
Exploits: 0 · Affected Software: 1

Cvelist
added 2025/01/04 4:0 a.m. · 18 views

CVE-2025-0201 code-projects Point of Sales and Inventory Management System update_account.php sql injection

A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /user/update_account.php. The manipulation of the argument username leads to sql injection. The attack may be...

CVSS 6.5 · EPSS 0.00086
Exploits: 1 · References: 5

Positive Technologies
added 2022/12/04 12:0 a.m. · 2 views

PT-2022-27863 · Veritas · Veritas Netbackup Access Appliance +1

Name of the Vulnerable Software and Affected Versions: Veritas NetBackup Flex Scale versions 1.0 through 3.0 Veritas NetBackup Access Appliance versions 8.0.0 through 8.0.100 Description: An issue was discovered that allows unauthenticated remote command execution via the management portal...

CVSS 9.8 · AI score 9.5 · EPSS 0.01728
Exploits: 0 · References: 5

Redos
added 2021/09/08 12:0 a.m. · 10 views

ROS-2-1721

2.1721 Multiple vulnerabilities in Mozilla Thunderbird CVE-2021-29957, CVE-2021-29956 1. Vulnerability Description: The vulnerability allows a remote attacker to bypass the security restrictions imposed. Identifier of the Information Security Threats Data Bank of the FSTEC of Russia:...

CVSS 9.8 · AI score 7.3 · EPSS 0.0074
Exploits: 2

Imperva Blog
added 2020/04/16 6:23 p.m. · 39 views

New Cyber Threat Index Shows Industries Are Under Attack in Uncertain Times

It has been more than a month since businesses around the world started to implement contingencies in response to the Coronavirus. The Cyber Threat Index Report by Imperva Research Labs tracks changes in traffic and attack trends across multiple industries and countries. This month’s edition look...

AI score 0.6
Exploits: 0

The Hacker News
added 2020/04/01 11:57 a.m. · 0 views

Webinar — Autonomous Breach Protection: The New Security Paradigm Shift

Organizations today struggle with multi-product security stacks, that are expensive to purchase and maintain and also require a highly skilled security team to manually integrate and operate. The current Coronavirus crisis that has imposed a strict quarantine on organizations and security teams...

AI score 5.8
Exploits: 0

Malwarebytes
added 2020/03/16 3:28 p.m. · 39 views

Lock and Code S1Ep2: On the challenges of managed service providers

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to two representatives from an Atlanta-based managed service provider—a manager of engineering services and a data center architect—about the daily challeng...

Exploits: 0

CNVD
added 2020/03/13 12:0 a.m. · 1 views

Command Execution Vulnerability in the ns***.php File of the Green Alliance Remote Security Evaluation System

RSAS Remote Security Assessment System is a new generation of vulnerability management product independently developed by Green Alliance Technology. A command execution vulnerability exists in the ns.php file of Remote Security Assessment System. An attacker can exploit the vulnerability to execu...

AI score 7.7
Exploits: 0

Symantec
added 2020/01/14 12:0 a.m. · 34 views

Oracle E-Business Suite CVE-2020-2591 Remote Security Vulnerability

Description Oracle E-Business Suite is prone to a remote security vulnerability in 'Oracle Web Applications Desktop Integrator' product. This vulnerability can be exploited over the 'HTTP' protocol. The 'Application Service' component is affected. This vulnerability affects the following supporte...

AI score 8 · EPSS 0.01456
Exploits: 0 · References: 1 · Affected Software: 1

Symantec
added 2020/01/14 12:0 a.m. · 23 views

Oracle PeopleSoft Enterprise HCM Human Resources CVE-2020-2561 Remote Security Vulnerability

Description Oracle PeopleSoft Enterprise HCM Human Resources is prone to a remote security vulnerability. These vulnerabilities can be exploited over the 'HTTP' protocol. The 'Company Dir / Org Chart Viewer' component is affected. These vulnerabilities affect the following supported versions: 9.2...

AI score 0.1 · EPSS 0.00302
Exploits: 0 · References: 1 · Affected Software: 1

Symantec
added 2020/01/14 12:0 a.m. · 23 views

Oracle Hyperion Financial Close Management CVE-2020-2563 Remote Security Vulnerability

Description Oracle Hyperion Financial Close Management is prone to a remote security vulnerability in 'Close Manager' component. The vulnerability can be exploited over the 'HTTP' protocol. This vulnerability affects the following supported versions: 11.1.2.4 Technologies Affected Oracle Hyperion...

AI score 0.9 · EPSS 0.00345
Exploits: 0 · References: 1 · Affected Software: 1