EUVD-2018-0190

Malware in sbrugna...

EUVD-2001-1482

Malware in sbrugna...

EUVD-2014-8704

Malware in sbrugna...

EUVD-2017-2688

Malware in sbrugna...

CVE-2025-47792

Nextcloud Desktop is the desktop sync client for Nextcloud. In versions of Nextcloud Desktop prior to 3.15, 3rdparty applications already installed on a user machine can create link shares for almost all data via the socket API. These shares can then be easily sent off to an external service...

MGASA-2025-0147 Updated apache-mod_auth_openidc packages fix security vulnerability

modauthopenidc allows OIDCProviderAuthRequestMethod POSTs to leak protected data. CVE-2025-31492...

Windows Cryptographic Information Disclosure Vulnerability

...

CVE-2024-49370 Change-Password via Portal-Profile sets PimcoreBackendUser password without hashing

Pimcore is an open source data and experience management platform. When a PortalUserObject is connected to a PimcoreUser and "Use Pimcore Backend Password" is set to true, the change password function in Portal Profile sets the new password. Prior to Pimcore portal engine versions 4.1.7 and 3.1.1...

CVE-2020-15706

creationtimestamp| type| source ---|---|--- 2023-03-02 13:33:13+00:00| seen| MISP/fde9c681-95fa-4561-81cb-2ed3099c8263...

CVE-2022-37933

A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 servers. The vulnerability could be exploited to allow local unauthorized data injection. HPE has made the following software updates to resolve the vulnerability in HPE Superdome Flex firmware...

stcourier.com Improper Access Control vulnerability OBB-1381208

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

wettbewerbe.ipn.uni-kiel.de Improper Access Control vulnerability

Open Bug Bounty ID: OBB-1048944 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

groupauto.co.uk Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-952088 Security Researcher AbhishekZaveri9 Helped patch 14 vulnerabilities Received 1 Coordinated Disclosure badges , a holder of 1 badges for responsible and coordinated disclosure, found a security vulnerability affecting groupauto.co.uk website and its users. Following...

CVE-2018-8754

The libevtrecordvaluesreadevent function in libevtrecordvalues.c in libevt before 2018-03-17 does not properly check for out-of-bounds values of user SID data size, strings size, or data size. NOTE: the vendor has disputed this as described in libyal/libevt issue 5 on GitHub...

Progea Movicon < 11.4 Build 1150 Information Disclosure Vulnerability

Binary data 7128.pasl...

Support Incident Tracker (SiT!) 3.63 p1 - report_marketing.php?exc[] SQL Injection

Support Incident Tracker SiT! 3.63 p1 - reportmarketing.php?exc SQL Injection source: https://www.securityfocus.com/bid/48896/info Support Incident Tracker is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in ...

CVE-2022-46734

...