39 matches found
EUVD-2020-19055
Malware in sbrugna...
EUVD-2015-5866
Malware in sbrugna...
EUVD-2007-0740
Malware in sbrugna...
EUVD-2023-31598
Malicious code in bioql PyPI...
EUVD-2021-7621
Malicious code in bioql PyPI...
DEBIAN-CVE-2025-5986
A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or home directory without prompting, even if auto-saving is disabled. This behavior can be abused to fill the disk with garbage data e.g. using /dev/urandom on Linux or to...
CVE-2023-27863
IBM Spectrum Protect Plus Server 10.1.13, under specific configurations, could allow an elevated user to obtain SMB credentials that may be used to access vSnap data stores. IBM X-Force ID: 249325...
IBM Spectrum Protect Plus Information Disclosure Vulnerability (CNVD-2023-41895)
IBM Spectrum Protect Plus is a suite of data protection platforms from International Business Machines IBM. The platform provides organizations with a single point of control and management and supports backup and recovery for virtual, physical and cloud environments of all sizes. An information...
CVE-2023-27863
IBM Spectrum Protect Plus Server 10.1.13, under specific configurations, could allow an elevated user to obtain SMB credentials that may be used to access vSnap data stores. IBM X-Force ID: 249325...
CVE-2023-27863
IBM Spectrum Protect Plus Server 10.1.13, under specific configurations, could allow an elevated user to obtain SMB credentials that may be used to access vSnap data stores. IBM X-Force ID: 249325...
CVE-2023-27863 IBM Spectrum Protect Plus Server information disclosure
IBM Spectrum Protect Plus Server 10.1.13, under specific configurations, could allow an elevated user to obtain SMB credentials that may be used to access vSnap data stores. IBM X-Force ID: 249325...
CVE-2023-27863 IBM Spectrum Protect Plus Server information disclosure
IBM Spectrum Protect Plus Server 10.1.13, under specific configurations, could allow an elevated user to obtain SMB credentials that may be used to access vSnap data stores. IBM X-Force ID: 249325...
Security Bulletin: Stored SMB credentials may allow access to vSnap after oracle backup in IBM Spectrum Protect Plus for Db2 and Oracle (CVE-2023-27863)
Summary IBM Spectrum Protect Plus for Db2 and Oracle with transport encryption enabled can possibly expose SMB credentials to access vSnap data stores, as described by the CVEs in the "Vulnerability Details" section. Vulnerability Details CVEID:CVE-2023-27863 DESCRIPTION: IBM Spectrum Protect Plu...
Exfiltration of hashed SMB credentials on Windows via file:// redirect
Impact When following a redirect, Electron delays a check for redirecting to file:// URLs from other schemes. The contents of the file is not available to the renderer following the redirect, but if the redirect target is a SMB URL such as file://some.website.com/, then in some cases, Windows wil...
CVE-2021-20164
Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses credentials for the smb functionality of the device. Usernames and passwords for all smb users are revealed in plaintext on the smbserver.asp page...
CVE-2021-20164
Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses credentials for the smb functionality of the device. Usernames and passwords for all smb users are revealed in plaintext on the smbserver.asp page...
Trendnet AC2600 信息泄露漏洞
Trendnet AC2600 TEW-827DRU is a wireless router. Trendnet AC2600 TEW-827DRU is vulnerable to an information disclosure vulnerability that stems from a failure to properly disclose credentials for the device's smb functionality. An attacker could exploit the vulnerability to display all mb account...
CVE-2020-26508
The WebTools component on Canon Oce ColorWave 3500 5.1.1.0 devices allows attackers to retrieve stored SMB credentials via the export feature, even though these are intentionally inaccessible in the UI...
Code injection
The WebTools component on Canon Oce ColorWave 3500 5.1.1.0 devices allows attackers to retrieve stored SMB credentials via the export feature, even though these are intentionally inaccessible in the UI...
CVE-2020-26508
The CVE-2020-26508 entry concerns the WebTools component of Canon Oce ColorWave 3500 devices running version 5.1.1.0. The vulnerability enables an attacker to retrieve stored SMB credentials through the export feature, bypassing UI restrictions that are supposed to keep these credentials inaccess...