67 matches found
CVE-2019-12759
Symantec Endpoint Protection Manager (SEPM) and Symantec Mail Security for MS Exchange (SMSMSE), prior to versions 14.2 RU2 and 7.5.x respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software applicati...
EUVD-2020-26975
Malware in sbrugna...
EUVD-2020-26977
Malware in sbrugna...
EUVD-2019-19060
Malware in sbrugna...
EUVD-2020-26987
Malware in sbrugna...
EUVD-2020-26978
Malware in sbrugna...
EUVD-2024-40247
Malicious code in bioql PyPI...
PT-2025-31719 · Partner · Partner Web Application +1
Name of the Vulnerable Software and Affected Versions: Partner Software Product (affected versions not specified); Partner Web application (affected versions not specified). Description: Partner Software’s Partner Software Product and corresponding Partner Web application utilize the same default...
CVE-2025-50080
The CVE entry CVE-2025-50080 concerns Oracle MySQL Server (Server: Stored Procedure). Affected versions are MySQL 8.0.0–8.0.42, 8.4.0–8.4.5 and 9.0.0–9.3.0. The vulnerability allows a high-privilege attacker who has network access via multiple protocols to cause a hang or a frequently repeatable ...
CVE-2019-19548
Norton Power Eraser, prior to 5.3.0.67, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user...
CVE-2025-30715
...
CVE-2023-41884
ZoneMinder is a free, open source closed-circuit television software application. In WWW/AJAX/watch.php, line 51 takes a few parameters in an SQL query without sanitizing them, which makes it vulnerable to SQL injection. This vulnerability is fixed in 1.36.34...
CVE-2023-41884 ZoneMinder Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in watch.php
ZoneMinder is a free, open source closed-circuit television software application. In WWW/AJAX/watch.php, line 51 takes a few parameters in an SQL query without sanitizing them, which makes it vulnerable to SQL injection. This vulnerability is fixed in 1.36.34...
mySCADA myPRO Trust Management Issues Vulnerabilities
mySCADA myPRO is a software application. myPRO is a professional HMI/SCADA system designed primarily for the visualization and control of industrial processes. A trust management issue vulnerability exists in versions of mySCADA myPRO prior to 8.31.0 that stems from the use of hardcoded passwords...
BIT-SUITECRM-2024-36415 SuiteCRM Improper Control of Filename for Include Statement in PHP and Unrestricted Upload of File with Dangerous content leads to authenticated remote code execution
SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a vulnerability in uploaded file verification in products allows for remote code execution. Versions 7.14.4 and 8.6.1 contain a fix for this issue...
CVE-2024-36419
SuiteCRM is an open-source Customer Relationship Management (CRM) software application. A vulnerability in versions prior to 8.6.1 allows for Host Header Injection when directly accessing the /legacy route. Version 8.6.1 contains a patch for the issue...
CVE-2024-36416
SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a deprecated v4 API example with no log rotation allows denial of service by logging excessive data. Versions 7.14.4 and 8.6.1 contain a fix for this issue...
CVE-2024-36416 SuiteCRM v4 API Excessive log data DOS
SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a deprecated v4 API example with no log rotation allows denial of service by logging excessive data. Versions 7.14.4 and 8.6.1 contain a fix for this issue...
CVE-2024-36417 SuiteCRM Stored XSS Vulnerability Allows Code Execution via Malicious iFrame
SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, an unverified IFrame can be added to some inputs, which could allow for a cross-site scripting attack. Versions 7.14.4 and 8.6.1 contain a fix for this issue...
CVE-2024-36415
CVE-2024-36415 affects SuiteCRM versions prior to 7.14.4 and 8.6.1, where a flaw in uploaded file verification enables remote code execution. The issue is fixed in 7.14.4 and 8.6.1; upgrading to those versions is the supported remediation. Exploitation status is not detailed in the provided docum...