18 matches found
EUVD-2005-4759
Malware in sbrugna...
CVE-2024-42655
An access control issue in NanoMQ v0.21.10 allows attackers to bypass security restrictions and access sensitive system topic messages using MQTT wildcard characters...
CVE-2024-42655
An access control issue in NanoMQ v0.21.10 allows attackers to bypass security restrictions and access sensitive system topic messages using MQTT wildcard characters...
CVE-2024-42655
An access control issue in NanoMQ v0.21.10 allows attackers to bypass security restrictions and access sensitive system topic messages using MQTT wildcard characters...
PT-2025-31247 · Nanomq · Nanomq
Name of the Vulnerable Software and Affected Versions: NanoMQ version 0.21.10 Description: An access control issue in NanoMQ version 0.21.10 allows attackers to bypass security restrictions and access sensitive system topic messages using MQTT wildcard characters. Recommendations: At the moment,...
CVE-2024-42655
An access control issue in NanoMQ v0.21.10 allows attackers to bypass security restrictions and access sensitive system topic messages using MQTT wildcard characters...
CVE-2021-25920
In OpenEMR, versions v2.7.2-rc1 to 6.0.0 are vulnerable to Improper Access Control when creating a new user, which leads to a malicious user able to read and send sensitive messages on behalf of the victim user...
IBM InfoSphere Information Server has an unspecified vulnerability (CNVD-2022-56665)
IBM InfoSphere Information Server is a data integration platform from IBM Corporation. The platform can be used to integrate data information obtained from various sources. IBM InfoSphere Information Server version 11.7 has a security vulnerability that stems from the return of detailed technical...
IBM InfoSphere Information Server 安全漏洞
IBM InfoSphere Information Server is a data integration platform from IBM Corporation. The platform can be used to integrate data information obtained from various sources. IBM InfoSphere Information Server version 11.7 has a security vulnerability that stems from the return of detailed technical...
OpenEMR 2.7.2-rc1 < 6.0.0.1 Access Control Vulnerability
OpenEMR is prone to an access control vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:open-emr:openemr";...
CVE-2021-25920
In OpenEMR, versions v2.7.2-rc1 to 6.0.0 are vulnerable to Improper Access Control when creating a new user, which leads to a malicious user able to read and send sensitive messages on behalf of the victim user...
CVE-2021-25920
In OpenEMR, versions v2.7.2-rc1 to 6.0.0 are vulnerable to Improper Access Control when creating a new user, which leads to a malicious user able to read and send sensitive messages on behalf of the victim user...
Improper access control
In OpenEMR, versions v2.7.2-rc1 to 6.0.0 are vulnerable to Improper Access Control when creating a new user, which leads to a malicious user able to read and send sensitive messages on behalf of the victim user...
CVE-2021-25920
In OpenEMR, versions v2.7.2-rc1 to 6.0.0 are vulnerable to Improper Access Control when creating a new user, which leads to a malicious user able to read and send sensitive messages on behalf of the victim user...
CVE-2021-22309
There is insecure algorithm vulnerability in Huawei products. A module uses less random input in a secure mechanism. Attackers can exploit this vulnerability by brute forcing to obtain sensitive message. This can lead to information leak. Affected product versions include:USG9500 versions...
Google Releases End-To-End Chrome Extension to Open Source
Google yesterday announced that it has released the source code for its End-to-End extension for Chrome to open source via GitHub. End-to-End enables Gmail users to encrypt, sign and verify email messages within the Chrome browser, using OpenPGP. “We’ve always believed strongly that End-To-End mu...
Google Releases End-to-End Encryption Extension
Google has released an early version of a Chrome extension that provides end-to-end encryption for data leaving the browser. The extension will allow users to encrypt emails from their webmail accounts. The move by Google is another step in the process of making Web communications more secure and...
phpList 2.10.x - Security Bypass / Information Disclosure
source: https://www.securityfocus.com/bid/49188/info PHPList is prone to a security-bypass vulnerability and an information-disclosure vulnerability. An attacker can exploit these issues to gain access to sensitive information and send arbitrary messages to registered users. Other attacks are als...