5 matches found
EUVD-2025-4910
Malicious code in bioql PyPI...
CVE-2025-0756 Hitachi Vantara Pentaho Data Integration & Analytics - Improper Control of Resource Identifiers ('Resource Injection')
Overview: The product receives input from an upstream component, but it does not restrict or incorrectly restricts the input before it is used as an identifier for a resource that may be outside the intended sphere of control. CWE-99. Description: Hitachi Vantara Pentaho Data Integration &...
Vulnerability of the __dm_internal_suspend() function in the drivers/md/dm.c module – The driver for supporting multiple devices (RAID and LVM) in the Linux kernel allows an attacker to compromise the confidentiality, integrity, and availability of protected information.
Vulnerability of the __dm_internal_suspend() function in the drivers/md/dm.c module – The driver for supporting multiple devices (RAID and LVM) in the Linux kernel is vulnerable due to improper control of resource identifiers (“resource injection”). Exploiting this vulnerability allows an attacker to...
Design/Logic Flaw
AXIS Communications products with firmware through 5.80.x allow remote attackers to modify arbitrary files as root via vectors involving Open Script Editor, aka a "resource injection vulnerability."...
CVE-2015-8258
CVE-2015-8258 affects AXIS Communications devices with firmware up to 5.80.x. The issue is a resource injection via the imagePath parameter in view.shtml, enabling XSS/Open Script Editor abuse to potentially cause a URL-based request to attacker-controlled content. The vulnerability arises from h...