994 matches found
Siemens SIMATIC S7-1500 Improper Limitation of a Pathname to a Restricted Directory (CVE-2021-3426)
There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to...
CVE-2025-63298
A path traversal vulnerability was identified in SourceCodester Pet Grooming Management System 1.0, affecting the admin/managewebsite.php component. An authenticated user with administrative privileges can leverage this flaw by submitting a specially crafted POST request, enabling the deletion of...
CVE-2025-34287
Nagios XI versions prior to 2024R2 contain an improperly owned script, processperfdata.pl, which is executed periodically as the nagios user but owned by www-data. Because the file was writable by www-data, an attacker with web server privileges could modify its contents, leading to arbitrary cod...
CVE-2025-62402 Apache Airflow: Airflow 3 API: /api/v2/dagReports executes DAG Python in API
API users via /api/v2/dagReports could perform Dag code execution in the context of the api-server if the api-server was deployed in the environment where Dag files were available...
Remote Code Execution Vulnerability in Vvveb
Vvveb CMS is vulnerable to code injection via the Code Editor functionality. Unsanitized editing functionality allows attacker-controlled changes to existing files on the web-accessible filesystem, allowing remote authenticated attackers with access to the Code Editor to achieve code execution wh...
CVE-2025-6515
The MCP SSE endpoint in oatpp-mcp returns an instance pointer as the session ID, which is not unique nor cryptographically secure. This allows network attackers with access to the oatpp-mcp server to guess future session IDs and hijack legitimate client MCP sessions, returning malicious responses...
CVE-2025-11900
CVE-2025-11900 affects HGiga’s iSherlock product family and is caused by an OS Command Injection in unauthenticated remote input handling. Multiple connected sources (Red Hat, NVD, CVE lists, EUVD/ ENISA) corroborate the issue description and classify it as CRITICAL (CVSS v3.1: 9.8; CVSS v4.0: 9....
EUVD-2013-0185
Malware in sbrugna...
EUVD-2018-16628
Malware in sbrugna...
EUVD-2018-15842
Malware in sbrugna...
EUVD-2020-0092
Malware in sbrugna...
EUVD-2018-14323
Malware in sbrugna...
EUVD-2018-1307
Malware in sbrugna...
EUVD-2019-0217
Malware in sbrugna...
EUVD-2014-2427
Malware in sbrugna...
EUVD-2012-0089
Malware in sbrugna...
EUVD-2013-0042
Malware in sbrugna...
EUVD-2013-0483
Malware in sbrugna...
EUVD-1999-0737
Malware in sbrugna...
EUVD-2020-4576
Malware in sbrugna...