14 matches found
EUVD-2018-16667
Malware in sbrugna...
EUVD-2020-2518
Malware in sbrugna...
Exploit for CVE-2025-5287
CVE-2025-5287 PoC Unauthenticated SQL Injection exploit for...
CVE-2024-13824
The CiyaShop - Multipurpose WooCommerce Theme theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.19.0 via deserialization of untrusted input in the 'addciyashopwishlist' and 'ciyashopgetcompare' functions. This makes it possible for unauthenticated...
Magento Improper Authorization vulnerability
Magento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures to view and edit low-sensitivity...
GHSA-GVGF-PVH5-VJH4 Magento Improper Authorization vulnerability
Magento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures to view and edit low-sensitivity...
Adobe Commerce 安全漏洞
Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce, which could be exploited by an attacker to bypass security measures to view and edit...
CVE-2024-42157
In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe sensitive data on failure Wipe sensitive data from stack also if the copytouser fails...
RuvarOA PageID Parameter SQL Injection Vulnerability
RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which is caused by the lack of validation of the PageID parameter in the /WebUtility/SearchCondiction.aspx file against external SQL input. An attacker can exploit this...
Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2024-1035)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
K01217337: Linux kernel vulnerability CVE-2021-22543
Security Advisory Description An issue was discovered in Linux: KVM through Improper handling of VMIO|VMPFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write...
Amazon Prime Day Spurs Spike in Phishing, Fraud Attacks
Cybercriminals are tapping into Amazon’s annual discount shopping campaign for subscribers, Prime Day, with researchers warning of a recent spike in phishing and malicious websites that are fraudulently using the Amazon brand. There has been a spike in the number of new monthly phishing and...
CVE-2018-19000
The CVE-2018-19000 entry concerns LAquis SCADA (LCDS) Web Server authentication via URI handling. Connected documents confirm an authentication bypass in LAquis SCADA prior to version 4.1.0.4150, enabling remote access to system data through specially crafted URIs. ZDI-19-068 documents the vulner...
[ASA-201711-32] exim: multiple issues
Arch Linux Security Advisory ASA-201711-32 ========================================== Severity: Critical Date : 2017-11-30 CVE-ID : CVE-2017-1000369 CVE-2017-10140 CVE-2017-16943 CVE-2017-16944 Package : exim Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-518 Summar...