25 matches found
EUVD-2017-12573
Malware in sbrugna...
EUVD-2021-16497
Malware in sbrugna...
EUVD-2005-4806
Malware in sbrugna...
EUVD-2019-8083
Malware in sbrugna...
EUVD-2014-7117
Malware in sbrugna...
EUVD-2021-28604
Malicious code in bioql PyPI...
Design/Logic Flaw
Versions of Sage 300 through 2022 implement role-based access controls that are only enforced client-side. Low-privileged Sage users, particularly those on a workstation setup in the "Windows Peer-to-Peer Network" or "Client Server Network" Sage 300 configurations, could recover the SQL connectio...
Cybercriminals’ friend VPNLab.net shut down by law enforcement
Europol has announced that law enforcement has seized or disrupted the 15 servers that hosted VPNLab.net’s service, rendering it no longer available. Led by the Central Criminal Office of the Hannover Police Department in Germany, the coordinated operation took place in Germany itself, the...
CVE-2021-22255
SSRF in URL file upload in Baserow 1.1.0 allows remote authenticated users to retrieve files from the internal server network exposed over HTTP by inserting an internal address...
Design/Logic Flaw
SSRF in URL file upload in Baserow 1.1.0 allows remote authenticated users to retrieve files from the internal server network exposed over HTTP by inserting an internal address...
CVE-2021-2397
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIO...
CVE-2021-33213
An SSRF vulnerability in the "Upload from URL" feature in Elements-IT HTTP Commander 5.3.3 allows remote authenticated users to retrieve HTTP and FTP files from the internal server network by inserting an internal address...
CVE-2021-33213
The CVE-2021-33213 entry documents an SSRF in Elements-IT HTTP Commander 5.3.3, specifically in the Upload from URL feature. When authenticated, an attacker can supply an internal address to retrieve HTTP/FTP resources from the internal network, exposing internal resources. Root cause: SSRF in th...
CVE-2020-4347
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could be subject to attacks based on privilege escalation due to inappropriate file permissions for files used by WebSphere Application Server Network Deployment. IBM X-Force ID: 178412...
CVE-2020-4347
IBM InfoSphere Information Server versions 11.3, 11.5, and 11.7 are affected by CVE-2020-4347 due to insecure file permissions for WebSphere Application Server Network Deployment (WAS ND) files, enabling privilege escalation. Affected products are InfoSphere Information Server (and on Cloud) with...
CVE-2019-2808
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successfu...
CVE-2020-2679
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...