13 matches found
OpenClaw License Issue Vulnerability (CNVD-2026-16679)
OpenClaw is a command line tool for rights management. A security vulnerability exists in versions of OpenClaw prior to 2026.3.11 that stems from insufficient authorization checking of subagent control requests, resulting in a leaf child agent being able to access the subagent control plane and...
CVE-2020-37153
ASTPP 4.0.1 contains multiple vulnerabilities including cross-site scripting and command injection in SIP device configuration and plugin management interfaces. Attackers can exploit these flaws to inject system commands, hijack administrator sessions, and potentially execute arbitrary code with...
CVE-2020-37153 ASTPP VoIP 4.0.1 - Remote Code Execution
ASTPP 4.0.1 contains multiple vulnerabilities including cross-site scripting and command injection in SIP device configuration and plugin management interfaces. Attackers can exploit these flaws to inject system commands, hijack administrator sessions, and potentially execute arbitrary code with...
CVE-2020-37153 ASTPP VoIP 4.0.1 - Remote Code Execution
ASTPP 4.0.1 contains multiple vulnerabilities including cross-site scripting and command injection in SIP device configuration and plugin management interfaces. Attackers can exploit these flaws to inject system commands, hijack administrator sessions, and potentially execute arbitrary code with...
EUVD-2008-1334
Malware in sbrugna...
CVE-2023-20902
A timing condition in Harbor 2.6.x and below, Harbor 2.7.2 and below, Harbor 2.8.2 and below, and Harbor 1.10.17 and below allows an attacker with network access to create jobs/stop job tasks and retrieve job task information...
CVE-2024-4843
ePO doesn't allow a regular privileged user to delete tasks or assignments. Insecure direct object references allow a least privileged user to manipulate the client task and client task assignments, hence escalating his/her privilege...
Trellix ePolicy Orchestrator Security Vulnerability
Trellix ePolicy Orchestrator is a centralized security management platform from Trellix. A security vulnerability exists in Trellix ePolicy Orchestrator versions prior to 5.10 that stems from the presence of an insecure direct object reference that allows a low-privileged user to manipulate clien...
CVE-2023-0238
Due to lack of a security policy, the WARP Mobile Client <=6.29 for Android was susceptible to this vulnerability which allowed a malicious app installed on a victim's device to exploit a peculiarity in an Android function, wherein under certain conditions, the malicious app could dictate the task...
WSS Project Management System version 1.3.2 de***.php has an override access vulnerability
WSS Project Management System is a browser-based collaborative office platform that integrates "Project Management", "Task Management", "Work Hour Management", "Work Log Management" and "Work Log Management" in one platform. A vulnerability exists in de.ph...
IBM Business Process Manager Information Disclosure Vulnerability (CNVD-2018-08191)
IBM Business Process Manager (BPM) is a comprehensive business process management platform from IBM in the United States. The platform provides a range of tools related to process modeling, assembly, monitoring and deployment for business. A security vulnerability exists in IBM BPM version 8...
Information disclosure
Gallarific does not require authentication for (1) users.php and (2) index.php, which allows remote attackers to add and edit tasks via a direct request. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2008-1327
Gallarific does not require authentication for (1) users.php and (2) index.php, which allows remote attackers to add and edit tasks via a direct request. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...