162 matches found
EUVD-2021-34728
IntelliChoice eFORCE Software Suite 2.5.9 contains a username enumeration vulnerability that allows attackers to enumerate valid users by exploiting the 'ctl00$MainContent$UserName' POST parameter. Attackers can send requests with valid usernames to retrieve user information...
Eaton Brightlayer Software Suite Security Vulnerability
Eaton Brightlayer Software Suite is a digital infrastructure management software suite from Eaton Corporation USA. A security vulnerability exists in Eaton Brightlayer Software Suite version 7.3.0.SCP004, which originates from a privileged user being able to log in without sufficient credentials...
EUVD-2021-31301
Malicious code in bioql PyPI...
EUVD-2022-39104
Malicious code in bioql PyPI...
EUVD-2022-31746
Malicious code in bioql PyPI...
EUVD-2025-18968
Malicious code in bioql PyPI...
EUVD-2025-18969
Malicious code in bioql PyPI...
CVE-2025-34034
A hardcoded credential vulnerability exists in the Blue Angel Software Suite deployed on embedded Linux systems. The application contains multiple known default and hardcoded user accounts that are not disclosed in public documentation. These accounts allow unauthenticated or low-privilege...
CVE-2025-34033
An OS command injection vulnerability exists in the Blue Angel Software Suite running on embedded Linux devices via the pingaddr parameter in the webctrl.cgi script. The application fails to properly sanitize input before passing it to the system-level ping command. An authenticated attacker can...
CVE-2025-34034 5VTechnologies Blue Angel Software Suite Hardcoded Credentials
A hardcoded credential vulnerability exists in the Blue Angel Software Suite deployed on embedded Linux systems. The application contains multiple known default and hardcoded user accounts that are not disclosed in public documentation. These accounts allow unauthenticated or low-privilege...
CVE-2025-34033 5VTechnologies Blue Angel Software Suite OS Command Injection
An OS command injection vulnerability exists in the Blue Angel Software Suite running on embedded Linux devices via the pingaddr parameter in the webctrl.cgi script. The application fails to properly sanitize input before passing it to the system-level ping command. An authenticated attacker can...
PT-2025-26660 · Unknown · Blue Angel Software Suite
Name of the Vulnerable Software and Affected Versions: Blue Angel Software Suite (affected versions not specified). Description: An OS command injection vulnerability exists in the Blue Angel Software Suite running on embedded Linux devices via the ping addr parameter in the webctrl.cgi script. The...
PT-2025-26661
Name of the Vulnerable Software and Affected Versions: Blue Angel Software Suite (affected versions not specified). Description: A hardcoded credential vulnerability exists in the Blue Angel Software Suite deployed on embedded Linux systems. The application contains multiple known default and...
CVE-2024-37167
Tuleap is an Open Source Suite to improve management of software developments and collaboration. Users are able to see backlog items that they should not see. This issue has been patched in Tuleap Community Edition version 15.9.99.97...
CVE-2022-36391
Incorrect default permissions for the Intel(R) NUC Pro Software Suite before version 2.0.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2021-44464
Vigilant Software Suite Mastermed Dashboard version 2.0.1.3 contains service credentials likely to be common across all instances. An attacker in possession of the password may gain privileges on all installations of this software...
CVE-2025-27150
Tuleap is an Open Source Suite to improve management of software developments and collaboration. The password to connect the Redis instance is not purged from the archive generated with tuleap collect-system-data. These archives are likely to be used by support teams that should not have access t...
Microsoft Office Code Problem Vulnerability (CNVD-2025-02965)
Microsoft Office is an office software suite from the U.S. company Microsoft. Common components of this product include Word, Excel, Access, PowerPoint, FrontPage, and so on. A code issue vulnerability exists in Microsoft Office. An attacker exploiting this vulnerability cou...
ROS-20240923-05
A vulnerability in the interpreter of the software suite for processing, transforming, and generating Ghostscript documents is related to errors in relative directory path handling. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code using a special...