8 matches found
EUVD-2025-14530
Malicious code in bioql PyPI...
CVE-2025-25264
An unauthenticated remote attacker can trick an admin to visit a website containing malicious java script code. The current overly permissive CORS policy allows the attacker to obtain any files from the file system...
CVE-2025-43564
Adobe ColdFusion (versions 2025.1, 2023.13, 2021.19 and earlier) is affected by an Improper Access Control vulnerability that can allow arbitrary file system read. The issue stems from improper access restrictions and could let a high-privileged attacker access or modify sensitive data without au...
CVE-2025-43563
CVE-2025-43563 affects Adobe ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier. It is an Improper Access Control vulnerability that could enable an attacker with high privileges to perform an arbitrary file system read, potentially accessing or modifying sensitive data. Exploitation requir...
CVE-2025-43563 ColdFusion | Improper Access Control (CWE-284)
ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary file system read. A high-privileged attacker could leverage this vulnerability to access or modify sensitive data without proper authorization...
Google Android Information Disclosure Vulnerability (CNVD-2024-05383)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that can be exploited by attackers to obtain sensitive information...
CVE-2022-1517 3.2.1 EXECUTION WITH UNNECESSARY PRIVILEGES CWE-250
LRM utilizes elevated privileges. An unauthenticated malicious actor can upload and execute code remotely at the operating system level, which can allow an attacker to change settings, configurations, software, or access sensitive data on the affected produc. An attacker could also exploit this...
newsPHP 216 - Authentication Bypass
newsPHP 216 - Authentication Bypass source: https://www.securityfocus.com/bid/8489/info A vulnerability is reported to exist in newPHP that may allow an attacker to gain access to a vulnerable host due to improper verification of authentication credentials. This issue may be exploited to gain...