201 matches found
EUVD-2016-7929
Malware in sbrugna...
EUVD-2021-27515
Malicious code in bioql PyPI...
CVE-2025-55169
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, a path traversal vulnerability was discovered in the WeGIA application, html/socio/sistema/downloadremessa.php endpoint. This vulnerability could allow an attacker to...
CVE-2025-5158
A vulnerability was found in H3C SecCenter SMP-E1114P02 up to 20250513. It has been declared as problematic. This vulnerability affects the function downloadSoftware of the file /cfgFile/downloadSoftware. The manipulation of the argument filename leads to path traversal. The attack can be initiat...
[SECURITY] Fedora 41 Update: crosswords-puzzle-sets-xword-dl-0.4.8-1.fc41
Download crossword puzzles for GNOME Crosswords from assorted newspapers using xword-dl...
CVE-2024-42450
The Versa Director uses PostgreSQL Postgres to store operational and configuration data. It is also needed for High Availability function of the Versa Director. The default configuration has a common password across all instances of Versa Director. By default, Versa Director configures Postgres t...
CVE-2023-4499
A potential security vulnerability has been identified in the HP ThinUpdate utility also known as HP Recovery Image and Software Download Tool which may lead to information disclosure. HP is releasing mitigation for the potential vulnerability...
CVE-2023-4499
A potential security vulnerability has been identified in the HP ThinUpdate utility also known as HP Recovery Image and Software Download Tool which may lead to information disclosure. HP is releasing mitigation for the potential vulnerability...
CVE-2023-4499
CVE-2023-4499 affects HP ThinUpdate (Recovery Image/Software Download Tool). The connected sources confirm an improper server certificate verification (CWE-295) in HP ThinUpdate, enabling potential information disclosure via MITM; affected versions prior to 2.7.15. HP has mitigations and instruct...
HP ThinUpdate Trust Management Issue Vulnerability
HP ThinUpdate is an application from Hewlett-Packard HP USA. It allows you to download system images and software add-ons from HP, capture HP Thin Client images, create ISO files, and more! A security vulnerability exists in the HP ThinUpdate utility HP Recovery Image and Software Download Tool,...
WordPress Backup Migration 1.2.8 Plugin - Unauthenticated Database Backup Vulnerability
Exploit Title: WordPress Plugin Backup Migration 1.2.8 - Unauthenticated Database Backup Google Dork: intitle:"Index of /wp-content/plugins/backup-backup" AND inurl:"plugins/backup-backup/" Exploit Author: Wadeek Vendor Homepage: https://backupbliss.com/ Software Link:...
Rukovoditel 3.3.1 - Remote Code Execution Vulnerability
Exploit Title: Rukovoditel 3.3.1 - Remote Code Execution RCE Version: 3.3.1 Bugs: rce via jpeg file upload Technology: PHP Vendor URL: https://www.rukovoditel.net/ Software Link: https://www.rukovoditel.net/download.php Date of found: 12-03-2023 Author: Mirabbas Ağalarov Tested on: Linux 2...
Yoga Class Registration System v1.0 - Multiple SQLi
Exploit Title: Yoga Class Registration System v1.0 - Multiple SQLi Date: 19/03/2023 Exploit Author: Abdulhakim Öner Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/16097/yoga-class-registration-system-php-and-mysql-free-source-code.html Software...
Security Bulletin: Crypto Hardware Initialization and Maintenance is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-44832)
Summary Crypto Hardware Initialization and Maintenance CHIM as shipped with IBM Common Cryptographic Architecture CCA for MTM 4769 is affected by a vulnerability in Apache Log4j CVE-2021-44832. CHIM is using Apache Log4j for internal logging purposes of regular user activity. The fix includes...
Fingerprint Attendance 1.0 SQL Injection Vulnerability
Title: Fingerprint Attendance 1.0 Blind boolean SQLi To Rce Author: Hejap Zairy Vendor: https://www.vetbossel.in/fingerprint-attendance-project-php/ Software: https://app.box.com/s/xlyqalhvayq8oi25tqykcbouzrrjytqy Reference: https://github.com/Matrix07ksa Tested on: Windows, MySQL, Apache Steps 1...
Cisco Small Business 缓冲区错误漏洞
Cisco Small Business is a switch from Cisco USA. A buffer error vulnerability exists in the Cisco Small Business RV Series routers, which results from improper validation of an SSL server certificate received when establishing a connection to a specific remote server. An attacker could exploit th...
Purple Fox rootkit now bundled with Telegram installer
The Purple Fox rootkit is being spread as an installer for the popular Telegram instant messaging app for Windows, according to researchers. Its not clear how the installer in this case was distributed, although it seems like at least some were delivered via email. Common distribution methods for...
CVE-2021-20722
Untrusted search path vulnerability in the installers of ScanSnap Manager prior to versions V7.0L20 and the Software Download Installer prior to WinSSInst2JP.exe and WinSSInst2iX1500JP.exe allows an attacker to gain privileges and execute arbitrary code with the privilege of the user invoking the...
CVE-2021-20722
Untrusted search path vulnerability in the installers of ScanSnap Manager prior to versions V7.0L20 and the Software Download Installer prior to WinSSInst2JP.exe and WinSSInst2iX1500JP.exe allows an attacker to gain privileges and execute arbitrary code with the privilege of the user invoking the...
CVE-2021-20722
Untrusted search path vulnerability in the installers of ScanSnap Manager prior to versions V7.0L20 and the Software Download Installer prior to WinSSInst2JP.exe and WinSSInst2iX1500JP.exe allows an attacker to gain privileges and execute arbitrary code with the privilege of the user invoking the...