22 matches found
EUVD-2019-3496
Malware in sbrugna...
EUVD-2020-17312
Malware in sbrugna...
CVE-2025-36573
Dell Smart Dock Firmware, versions prior to 01.00.08.01, contain an Insertion of Sensitive Information into Log File vulnerability. A user with local access could potentially exploit this vulnerability, leading to Information disclosure...
SQL injection in JeecgBoot
SQL injection vulnerability in Beijing Guoju Information Technology Co., Ltd JeecgBoot v.3.7.2 allows a remote attacker to obtain sensitive information via the getTotalData component...
CVE-2025-24957 SQL Injection endpoint 'get_detalhes_socio.php' parameter 'id_socio' in WeGIA
WeGIA is a Web Manager for Charitable Institutions. A SQL Injection vulnerability was discovered in the WeGIA application, get_detalhes_socio.php endpoint. This vulnerability could allow an authorized attacker to execute arbitrary SQL queries, allowing access to or deletion of sensitive information...
Adobe Commerce Security Bypass Vulnerability (CNVD-2024-40528)
Adobe Commerce is a globally leading digital commerce solution for businesses and brands from the US company Adobe. A security bypass vulnerability exists in Adobe Commerce, which could be exploited by an attacker to bypass security measures to view and edit...
Security Bulletin: Vulnerabilities in Python packages might affect IBM Storage Defender – Resiliency Service (CVE-2024-22195, CVE-2024-26130, CVE-2023-50782)
Summary: IBM Storage Defender – Resiliency Service is vulnerable, which can result in denial of service attacks, cross-site scripting, execution of arbitrary code, gaining elevated privileges, low integrity and confidentiality impacts, and the ability to obtain sensitive information. The...
PT-2024-14302 · Stackideas · Easydiscuss
Name of the Vulnerable Software and Affected Versions: StackIdeas EasyDiscuss versions 5.0.5 through 5.0.9 Description: A SQL injection issue allows a remote attacker to obtain sensitive information via a crafted request to the search parameter in the Users module. Recommendations: For versions...
Oracle Linux 9 : tigervnc (ELSA-2024-0010)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0010 advisory. - xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty CVE-2023-5367 - xorg-x11-server: out-of-bounds memory...
CVE-2023-47488
Cross Site Scripting vulnerability in Combodo iTop v.3.1.0-2-11973 allows a local attacker to obtain sensitive information via a crafted script to the attrib_manager_id parameter in the General Information page and the id parameter in the contact page...
CVE-2023-41349 ASUS RT-AX88U - externally-controlled format string
ASUS router RT-AX88U has a vulnerability of using externally controllable format strings within its Advanced Open VPN function. An authenticated remote attacker can exploit the exported OpenVPN configuration to execute an externally-controlled format string attack, resulting in sensitivity...
Security Bulletin: Vulnerabilities in IBM Java and Apache Tomcat affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem V9000 products
Summary: Multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition and Apache Tomcat affect the product's management GUI. The Command Line Interface is unaffected. Vulnerability Details: CVEID: CVE-2020-2781 DESCRIPTION: An unspecified vulnerability in Java SE related to the Java...
Ubuntu 18.04 LTS / 20.04 LTS : Firefox vulnerabilities (USN-5954-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5954-1 advisory. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could...
USN-5575-2 libxslt vulnerabilities
USN-5575-1 fixed vulnerabilities in Libxslt. This update provides the corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Nicolas Grégoire discovered that Libxslt incorrectly handled certain XML. An attacker could possibly use this issue to expose sensitive...
Unauthorized Access Vulnerability in Network Camera WV-SW174W at Panasonic (China) Co.
Panasonic China Co., Ltd. is mainly responsible for carrying out sales and after-sales service activities for home appliances, systems, environments, components and other goods. An unauthorized access vulnerability exists in Network Camera WV-SW174W at Panasonic China Co. that can be exploited by...
SQL injection vulnerability in c***_vi***.asp page of website building system of Ruian City Business Enterprise Network Technology Co.
Ruian Business Enterprise Network Technology Co., Ltd. is a high-tech enterprise dedicated to the design and production of enterprise and commercial websites, to improve the level of SMEs' network marketing applications, and to enhance the comprehensive competitiveness of enterprises in the...
CVE-2020-3935 TAIWAN SECOM CO., LTD. – Sensitivity Information Exposure
TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, stores users’ information in cleartext in the cookie, which divulges the password to attackers...
EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1475)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - The skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denia...
Security Bulletin: Vulnerabilities in GSKit affect IBM Security Access Manager for Web (CVE-2015-7421, CVE-2015-7420)
Summary: Vulnerabilities were discovered in GSKit. IBM Security Access Manager for Web uses GSKit and addressed the applicable CVE. Vulnerability Details: CVEID: CVE-2015-7421 DESCRIPTION: A vulnerability in GSKit could allow a remote attacker to obtain sensitive information. The internal ICC PRNG...
openSUSE: Security Advisory for kernel (openSUSE-SU-2017:2495-1)
The remote host is missing an update for the...