26 matches found
EUVD-2020-12584
Malware in sbrugna...
EUVD-2016-3165
Malware in sbrugna...
EUVD-2011-1584
Malware in sbrugna...
EUVD-2008-4772
Malware in sbrugna...
EUVD-2015-3042
Malware in sbrugna...
EUVD-2022-30622
Malicious code in bioql PyPI...
Improper Restriction Of Rendered UI Layers Or Frames
@haxtheweb/haxcms-nodejs is vulnerable to Improper Restriction of Rendered UI Layers or Frames. The vulnerability is due to lack of validation or sanitization of user-supplied URLs in iframe website blocks via malicious iframe embedding, allowing attackers to embed attacker-controlled sites and...
CVE-2022-30943
Browsing restriction bypass vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to obtain the data of Bulletin...
CVE-2012-5155
Google Chrome before 24.0.1312.52 on Mac OS X does not use an appropriate sandboxing approach for worker processes, which makes it easier for remote attackers to bypass intended access restrictions via unspecified vectors...
PT-2025-15: Kiosk restriction bypass in RED OS
The vulnerability was identified in RedOS, versions 7.3.5-20241106.3. The discovered vulnerability in the RedOS kiosk utility is due to incorrect restrictions. Exploitation of the vulnerability may allow an attacker to execute arbitrary commands on the system outside the imposed restrictions...
CVE-2024-47309 WordPress Cities Shipping Zones for WooCommerce plugin <= 1.2.7 - Local File Inclusion vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Condless Cities Shipping Zones for WooCommerce cities-shipping-zones-for-woocommerce allows PHP Local File Inclusion. This issue affects Cities Shipping Zones for WooCommerce: from n/a through <= 1.2.7...
PT-2023-19845 · Ibm · Ibm Aspera Faspex
Name of the Vulnerable Software and Affected Versions: IBM Aspera Faspex version 5.0.5 Description: The issue is related to incorrect access restriction to a resource from an unauthorized actor. There is no information provided about the estimated number of potentially affected devices worldwide ...
Information Disclosure
moodle/moodle is vulnerable to information disclosure. The vulnerability exists because the users who can view grades within a group are not properly restricted, which allows an attacker to view grades of other users in other groups...
PT-2022-12910 · Unknown +2 · Phpliteadmin +2
Name of the Vulnerable Software and Affected Versions: phpLiteAdmin versions prior to 1.9.8.2 Description: The issue allows for XSS attacks via the newRows parameter, also known as num or number, in the index.php file. Recommendations: For versions prior to 1.9.8.2, avoid using the newRows...
Jenkins LTS < 2.319.2 / Jenkins weekly < 2.330 Multiple Vulnerabilities
According to its self-reported version number, the version of Jenkins running on the remote web server is Jenkins LTS prior to 2.319.2 or Jenkins weekly prior to 2.330. It is, therefore, affected by multiple vulnerabilities: - A cross-site request forgery (CSRF) vulnerability in Jenkins 2.329 a...
Huawei HarmonyOS restriction vulnerability
Huawei HarmonyOS is an operating system from Huawei, a Chinese company that provides a microkernel-based distributed operating system. Huawei HarmonyOS 2.0 previously had a security vulnerability that could be exploited by an attacker to cause nearby processes to crash...
Cybozu Office View Restriction Bypass Vulnerability (CNVD-2021-18057)
Cybozu Office is a Web-based, cross-platform collaboration solution from Cybozu. A view restriction bypass vulnerability exists in Cabinet in Cybozu Office. An attacker can exploit this vulnerability to obtain Cabinet data without viewing privileges...
CVE-2020-6568
Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...
BlueStacks App Player Access Restriction Vulnerability
BlueStacks App Player is a software that allows Android apps to run on Windows systems by BlueStacks, Inc. An access restriction vulnerability exists in BlueStacks App Player, where users with access to networks connected to the affected product may gain unauthorized access...
CVE-2015-5164
CVE-2015-5164 affects the Qpid server used by Red Hat Satellite 6. The issue arises from improper restriction of message types, enabling remote authenticated administrators on a managed content host to execute arbitrary code via a crafted message, tied to a pickle processing problem in pulp. Publ...