EUVD-2025-1660

Malicious code in bioql PyPI...

EUVD-2023-39865

Malicious code in bioql PyPI...

CVE-2025-0413

Parallels Desktop Technical Data Reporter Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the targe...

CVE-2025-0413 Parallels Desktop Technical Data Reporter Link Following Local Privilege Escalation Vulnerability

Parallels Desktop Technical Data Reporter Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the targe...

CVE-2025-0413 Parallels Desktop Technical Data Reporter Link Following Local Privilege Escalation Vulnerability

Parallels Desktop Technical Data Reporter Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the targe...

CVE-2025-0413

Parallels Desktop is affected by CVE-2025-0413 in the Technical Data Reporter component. The flaw lets a local attacker with low privileges abuse symbolic links to change file permissions, enabling privilege escalation to root and potentially arbitrary code execution. Exploitation requires local ...

Parallels Desktop Technical Data Reporter Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The specific flaw exists within the Technical...

PT-2025-3882 · Parallels · Parallels Desktop

Name of the Vulnerable Software and Affected Versions: Parallels Desktop affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target host...

Parallels Desktop 后置链接漏洞

Parallels Desktop is a suite of virtual machine software for the macOS platform from US-based Parallels, Inc. Parallels Desktop suffers from a backlink vulnerability that stems from an issue in the Technical Data Reporter component, whereby the service can be abused to change the permissions of...

Rockwell Automation 5015-AENFTXT Input Validation Error Vulnerability

Rockwell Automation 5015-AENFTXT is technical data from a Rockwell Automation FLEXHA 5000 I/O system specification. The Rockwell Automation 5015-AENFTXT has an input validation error vulnerability that can be exploited by an attacker to cause an unrecoverable failure of an auxiliary adapter...

CVE-2023-35872

The Message Display Tool MDT of SAP NetWeaver Process Integration - version SAPXIAF 7.50, does not perform authentication checks for certain functionalities that require user identity. An unauthenticated user might access technical data about the product status and its configuration. The...

Authentication flaw

The Runtime Workbench RWB of SAP NetWeaver Process Integration - version SAPXITOOL 7.50, does not perform authentication checks for certain functionalities that require user identity. An unauthenticated user might access technical data about the product status and its configuration. The...

CVE-2023-35873 Missing Authentication check in SAP NetWeaver Process Integration (Runtime Workbench)

The Runtime Workbench RWB of SAP NetWeaver Process Integration - version SAPXITOOL 7.50, does not perform authentication checks for certain functionalities that require user identity. An unauthenticated user might access technical data about the product status and its configuration. The...

PT-2023-4071 · Sap · Sap Netweaver Process Integration

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Process Integration version SAP XIAF 7.50 Description: The issue is related to the Message Display Tool MDT component of SAP NetWeaver Process Integration, which lacks proper authentication checks for certain functionalities. Th...

CVE-2016-8375

An issue was discovered in Becton, Dickinson and Company BD Alaris 8015 Point of Care PC unit, Version 9.5 and prior versions, and Version 9.7, and 8000 PC unit. An unauthorized user with physical access to an affected Alaris PC unit may be able to obtain unencrypted wireless network authenticati...

BD Alaris 8015 PC Unit (Update B)

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Low skill level to exploit Vendor: Becton, Dickinson and Company BD Equipment: BD Alaris 8015 PC Unit Vulnerabilities: Insufficiently Protected Credentials, Security Features 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory...

ICSMA-17-017-01_BD Alaris 8000 Insufficiently Protected Credentials Vulnerability

OVERVIEW This advisory was originally posted to the NCCIC Portal on January 17, 2017, and is being released to the NCCIC/ICS-CERT web site. Becton, Dickinson and Company BD has identified an insufficiently protected credentials vulnerability in BD’s Alaris 8000 Point of Care PC unit, which provid...

CVE-2013-3982

The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to obtain unspecified installation information and technical data via a request to a public page...

Design/Logic Flaw

The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to obtain unspecified installation information and technical data via a request to a public page...

Analysis Shows Some URL Shorteners Often Point to Untrusted Websites

In an analysis of 1.7 billion shortened URLs, researchers at Web of Trust found that 8.7 percent of TinyURLs and five percent of Bit.ly URLs lead to sites that received poor ratings for ‘trustworthiness’ and ‘child protection.’ “Certainly the URL shortening services don’t intend to point people t...