46 matches found
CVE-2025-42882
Due to a missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker with basic privileges could execute a specific function module in ABAP to retrieve restricted technical information from the system. This disclosure of environment details of the system...
EUVD-2017-0003
Malware in sbrugna...
EUVD-2020-28117
Malware in sbrugna...
EUVD-2023-59635
Malicious code in bioql PyPI...
CVE-2020-6977
A restricted desktop environment escape vulnerability exists in the Kiosk Mode functionality of affected devices. Specially crafted inputs can allow the user to escape the restricted environment, resulting in access to the underlying operating system. Affected devices include the following GE...
CVE-2020-27486
Garmin Forerunner 235 before 8.20 is affected by: Buffer Overflow. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the attacker must upload a malicious ConnectIQ application to the ConnectIQ store. The ConnectIQ program interpreter trusts the string length...
Siemens HiMed Cockpit security vulnerability
The HiMed Cockpit is a multimedia terminal for infotainment and other applications, including supporting medical procedures at the bedside of hospital patients. Siemens HiMed Cockpit suffers from an improperly protected alternate path vulnerability that could be exploited by an unauthenticated,...
Siemens HiMed Cockpit
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
PT-2024-29354 · It Solutions · It Solutions Enjay Crm Os
Name of the Vulnerable Software and Affected Versions: IT Solutions Enjay CRM OS version 1.0 Description: The issue in the Hardware info module allows attackers to escape the restricted terminal environment and gain root-level privileges on the underlying system. Recommendations: For IT Solutions...
PT-2024-29353 · It Solutions · It Solutions Enjay Crm Os
Name of the Vulnerable Software and Affected Versions: IT Solutions Enjay CRM OS version 1.0 Description: The issue in the Ping feature allows attackers to escape the restricted terminal environment and gain root-level privileges on the underlying system. Recommendations: For IT Solutions Enjay C...
Arbitrary Code Execution
pandasai is vulnerable to Arbitrary Code Execution. An attacker is able to exploit this vulnerability by sending a specially crafted request to the Pandas-AI server. This request would cause the server to execute arbitrary code with the privileges of the root user. The vulnerability exists in...
Design/Logic Flaw
An issue has been discovered in GitLab affecting all versions starting from 13.6 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1, allowing to read environment names supposed to be restricted to project members only...
CVE-2023-0319
An issue has been discovered in GitLab affecting all versions starting from 13.6 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1, allowing to read environment names supposed to be restricted to project members only...
CVE-2023-0319
Removed by vendor...
GitLab security vulnerability
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. A security vulnerability exists in GitLab Community Edition and GitLab...
SUSE CVE-2015-6240
The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a restricted environment via a symlink attack...
GHSA-WWWH-47WP-M522 Ansible Sandbox Escape via Symlink Attack
The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a restricted environment via a symlink attack...
Ansible Sandbox Escape via Symlink Attack
The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a restricted environment via a symlink attack...
CVE-2021-21552
Dell Wyse Windows Embedded System versions WIE10 LTSC 2019 and earlier contain an improper authorization vulnerability. A local authenticated malicious user with low privileges may potentially exploit this vulnerability to bypass the restricted environment and perform unauthorized actions on the...
CVE-2020-15797
A vulnerability has been identified in DCA Vantage Analyzer All versions V4.5 are affected by CVE-2020-7590. In addition, serial numbers 40000 running software V4.4.0 are also affected by CVE-2020-15797. Improper Access Control could allow an unauthenticated attacker to escape from the restricted...