EUVD-2021-10377

Malware in sbrugna...

EUVD-2024-22150

Malicious code in bioql PyPI...

CVE-2021-23282 Stored Cross-site Scripting reported in Intelligent Power Manager v1

Eaton Intelligent Power Manager IPM prior to 1.70 is vulnerable to stored Cross site scripting. The vulnerability exists due to insufficient validation of input from certain resources by the IPM software. The attacker would need access to the local Subnet and an administrator interaction to...

CVE-2021-23282

CVE-2021-23282 affects Eaton Intelligent Power Manager (IPM) versions prior to 1.70. The issue is a stored cross-site scripting vulnerability caused by insufficient validation of input from certain resources in the IPM software. Exploitation requires access to the local subnet and administrator i...

PT-2023-27872 · Google · Android Debug Bridge

Name of the Vulnerable Software and Affected Versions: TPC-110W device affected versions not specified Description: The issue allows an unprivileged user with access to the subnet of the device to gain a root shell on the device itself by exploiting the lack of authentication of the su binary fil...

CVE-2021-23288

The vulnerability exists due to insufficient validation of input from certain resources by the IPP software. The attacker would need access to the local Subnet and an administrator interaction to compromise the system. This issue affects: Intelligent Power Protector versions prior to 1.69...

Intelligent Power Protector 跨站脚本漏洞

Intelligent Power Protector is a Intelligent Power Program. A security vulnerability exists in Intelligent Power Protector versions prior to 1.69 that stems from insufficient validation of certain resource inputs by the IPP software. An attacker could exploit this vulnerability to access the loca...

CVE-2021-33716

A vulnerability has been identified in SIMATIC CP 1543-1 incl. SIPLUS variants All versions V3.0, SIMATIC CP 1545-1 All versions V1.1. An attacker with access to the subnet of the affected device could retrieve sensitive information stored in cleartext...

Siemens SIMATIC CP (Update A)

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC CP 1543-1 incl. SIPLUS variants and SIMATIC CP 1545-1 Vulnerability: Cleartext Storage of Sensitive Information 2. UPDATE INFORMATION This updated advisory is a follow-up to...

PT-2021-20292 · Siemens · Simatic Cp 1545-1 +1

Name of the Vulnerable Software and Affected Versions: SIMATIC CP 1543-1 incl. SIPLUS variants versions prior to V3.0 SIMATIC CP 1545-1 versions prior to V1.1 Description: A vulnerability has been identified that allows an attacker with access to the subnet of the affected device to retrieve...

CVE-2021-21482

SAP NetWeaver Master Data Management, versions - 710, 710.750, allows a malicious unauthorized user with access to the MDM Server subnet to find the password using a brute force method. If successful, the attacker could obtain access to highly sensitive data and MDM administrative privileges...

CVE-2018-17195

The template upload API endpoint accepted requests from different domain when sent in conjunction with ARP spoofing + man in the middle MiTM attack, resulting in a CSRF attack. The required attack vector is complex, requiring a scenario with client certificate authentication, same subnet access,...

CVE-2014-8582

CVE-2014-8582 affects FortiNet FortiADC-E (firmware 3.1.1 prior to 4.0.5) and Coyote Point Equalizer (firmware 10.2.0a). The vulnerability allows remote attackers to obtain access to arbitrary subnets via unspecified vectors. Core impact per linked records: partial confidentiality and partial int...

Loadbalancer.org Enterprise VA 7.5.2 - Static SSH Key Vulnerability

The Loadbalancer.org Virtual Appliance is a revolution in software load balancing. The software is simple to install on Windows, Mac & Linux and does not have any adverse effects on the host operating system. Details: ---------- 0x01 - SSH Private Key Loadbalancer.org Enterprise VA 7.5.2 contains...

UBUNTU-CVE-2012-4503

cmdmon.c in Chrony before 1.29 allows remote attackers to obtain potentially sensitive information from stack memory via vectors related to 1 an invalid subnet in a RPYSUBNETSACCESSED command to the handlesubnetsaccessed function or 2 a RPYCLIENTACCESSES command to the handleclientaccesses functi...