
48 matches found

Snyk
added 2026/06/10 12:00 a.m. | 6 views

Insecure Defaults

Overview: Affected versions of this package are vulnerable to Insecure Defaults due to the Wss4jSecurityInterceptor class in Wss4jSecurityInterceptor.java initializing its bspCompliant flag to false, so inbound validation always calls RequestData.setDisableBSPEnforcement(true) and disables WSS4J's...

CVSS 8.8 | AI score 5.4 | EPSS 0.00339
Exploits 0 | References 2
Tenable Nessus
added 2025/12/19 12:00 a.m. | 5 views

Konica Bizhub Multifunction Printers Exposure of Sensitive Information to an Unauthorized Actor (CVE-2021-20869)

When using external authentication with an LDAP server, a remote attacker could steal specific authentication information in Administrator settings by sending specific SOAP messages. #%NASL_MIN_LEVEL 80900 (C) Tenable, Inc. include('compat.inc'); if (description) { script_id(504863); script_version("1.2");...

CVSS 6.5 | AI score 6.5 | EPSS 0.00532
Exploits 0 | References 3
Tenable Nessus
added 2025/12/19 12:00 a.m. | 5 views

Konica Bizhub Multifunction Printers Incorrect Authorization (CVE-2021-20868)

If external server authentication is used, a remote attacker with administrative privileges could steal user credentials by sending specific SOAP messages. #%NASL_MIN_LEVEL 80900 (C) Tenable, Inc. include('compat.inc'); if (description) { script_id(504865); script_version("1.2");...

CVSS 4.5 | AI score 5.7 | EPSS 0.00436
Exploits 0 | References 3
Cvelist
added 2025/10/22 6:58 a.m. | 10 views

CVE-2025-41722 Sauter: Hard-coded Authentication Credentials

The wsc server uses a hard-coded certificate to check the authenticity of SOAP messages. An unauthenticated remote attacker can extract private keys from the Software of the affected devices...

CVSS 7.5 | EPSS 0.00246
Exploits 0 | References 1
Vulnrichment
added 2025/10/22 6:58 a.m. | 3 views

CVE-2025-41722 Sauter: Hard-coded Authentication Credentials

The wsc server uses a hard-coded certificate to check the authenticity of SOAP messages. An unauthenticated remote attacker can extract private keys from the Software of the affected devices...

CVSS 7.5 | AI score 6.7 | EPSS 0.00246
Exploits 0 | References 1
EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2012-4009

Malware in sbrugna...

CVSS 3.5 | AI score 6.4 | EPSS 0.00978
Exploits 0 | References 2
EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2021-21517

Malware in sbrugna...

CVSS 6.5 | AI score 6.6 | EPSS 0.00895
Exploits 0 | References 3
EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2020-17948

Malware in sbrugna...

CVSS 9.8 | AI score 9.2 | EPSS 0.01518
Exploits 0 | References 2
EUVD
added 2025/10/07 12:30 a.m. | 8 views

EUVD-2011-1330

Malware in sbrugna...

CVSS 5 | AI score 6.2 | EPSS 0.01631
Exploits 0 | References 3
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2013-0493

Malware in sbrugna...

CVSS 4.3 | AI score 7.8 | EPSS 0.02028
Exploits 0 | References 7
EUVD
added 2025/10/03 8:07 p.m. | 21 views

EUVD-2025-19700

Malicious code in bioql PyPI...

CVSS 2 | AI score 6.6 | EPSS 0.0044
Exploits 0 | References 1
EUVD
added 2025/10/03 8:07 p.m. | 5 views

EUVD-2024-39614

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 9 | EPSS 0.00729
Exploits 0 | References 3
EUVD
added 2025/10/03 8:07 p.m. | 3 views

EUVD-2022-1896

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 9.3 | EPSS 0.22372
Exploits 3 | References 21
RedhatCVE
added 2025/05/22 1:44 a.m. | 6 views

CVE-2012-4065

Eucalyptus before 3.1.1 does not properly restrict the binding of external SOAP web-services messages, which allows remote authenticated users to bypass unspecified authorization checks and obtain direct access to a (1) Cloud Controller or (2) Walrus service via a crafted message, as demonstrated by...

CVSS 3.5 | AI score 6.7 | EPSS 0.00978
Exploits 0 | References 1
RedhatCVE
added 2025/05/22 1:44 a.m. | 6 views

CVE-2012-4064

Eucalyptus before 3.1.1 does not properly restrict the binding of external SOAP web-services messages, which allows remote authenticated users to gain privileges by sending a message to (1) Cloud Controller or (2) Walrus with the internal message format and a modified user id...

CVSS 6.5 | AI score 6.9 | EPSS 0.01151
Exploits 0 | References 1
VulnCheck KEV
added 2025/02/27 12:00 a.m. | 1 views

VulnCheck KEV: CVE-2016-6563

Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. The following products are affected: DIR-823, DIR-822,...

CVSS 10 | AI score 6.1 | EPSS 0.79947
Exploits 6 | References 1
NVD
added 2024/10/25 7:15 a.m. | 19 views

CVE-2024-42420

Sharp and Toshiba Tec MFPs contain multiple Out-of-bounds Read vulnerabilities, due to improper processing of keyword search input and improper processing of SOAP messages. Crafted HTTP requests may cause affected products to crash...

CVSS 7.5 | EPSS 0.00729
Exploits 0 | References 3
Vulnrichment
added 2024/10/25 6:18 a.m. | 12 views

CVE-2024-42420

Sharp and Toshiba Tec MFPs contain multiple Out-of-bounds Read vulnerabilities, due to improper processing of keyword search input and improper processing of SOAP messages. Crafted HTTP requests may cause affected products to crash...

CVSS 7.5 | AI score 7.2 | EPSS 0.00729
Exploits 0 | References 3
CVE
added 2024/10/25 6:18 a.m. | 83 views

CVE-2024-42420

CVE-2024-42420 affects Sharp and Toshiba Tec MFPs. It involves multiple out-of-bounds read vulnerabilities (CWE-125) caused by improper processing of keyword search input and SOAP messages. Exploitation could be triggered by crafted HTTP requests, potentially crashing affected devices. Remediatio...

CVSS 7.5 | AI score 7.6 | EPSS 0.00729
Exploits 0 | References 3 | Affected Software 1
Cvelist
added 2024/10/25 6:18 a.m. | 20 views

CVE-2024-42420

Sharp and Toshiba Tec MFPs contain multiple Out-of-bounds Read vulnerabilities, due to improper processing of keyword search input and improper processing of SOAP messages. Crafted HTTP requests may cause affected products to crash...

CVSS 7.5 | EPSS 0.00729
Exploits 0 | References 3