17 matches found
EUVD-2026-36749
An issue in Boyleep K11, y108 firmware v.2.3.0.11291 allows a physically proximate attacker to execute arbitrary code via the factory test feature...
CVE-2026-36933
The CVE-2026-36933 issue affects Boyleep K11 y108 firmware v2.3.0.11291. A physically proximate attacker can execute arbitrary code via the factory test feature. The impact is described as high for confidentiality, integrity, and availability; the root cause is tied to the factory test feature, w...
CVE-2026-36933
An issue in Boyleep K11, y108 firmware v.2.3.0.11291 allows a physically proximate attacker to execute arbitrary code via the factory test feature...
CVE-2026-43685
A Remote Code Execution vulnerability in Claris FileMaker Cloud allowed a user with Admin Console privileges to inject arbitrary operating system commands through unsanitized input in the External ODBC Data Source connection test feature. This issue is fixed in FileMaker Cloud 2.22.0.5...
CVE-2026-43685
A Remote Code Execution vulnerability in Claris FileMaker Cloud allowed a user with Admin Console privileges to inject arbitrary operating system commands through unsanitized input in the External ODBC Data Source connection test feature. This issue is fixed in FileMaker Cloud 2.22.0.5...
CVE-2025-12141 Grafana Alerting Editors can edit destination of webhooks they did not create
In Grafana's alerting system, users with edit permissions for a contact point, specifically the permissions “alert.notifications:write” or “alert.notifications.receivers:test” that are granted as part of the fixed role "Contact Point Writer", which is part of the basic role Editor - can edit...
EUVD-2020-1905
Malware in sbrugna...
EUVD-2018-6510
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-14603
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. CSRF can occur in the Test...
OverIT Geocall 代码问题漏洞
OverIT Geocall is a field service management solution from OverIT Italy. A code issue vulnerability exists in OverIT Geocall prior to version 8.0, which originates from an XXE vulnerability that can be exploited by an authenticated user with the Test Trasformazione XSL feature enabled to read...
Command injection
In the FPC TrustZone fingerprint App, there is a possible invalid command handler due to an exposed test feature. This could lead to local escalation of privilege in the TEE, with System execution privileges required. User interaction is not needed for exploitation.Product: AndroidVersions: Andro...
CVE-2018-14603
An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. CSRF can occur in the Test feature of the System Hooks component...
Cross site request forgery (csrf)
An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. CSRF can occur in the Test feature of the System Hooks component...
CVE-2018-14603
An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. CSRF can occur in the Test feature of the System Hooks component...
UBUNTU-CVE-2018-14603
An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. CSRF can occur in the Test feature of the System Hooks component...
CVE-2018-14603
CVE-2018-14603 affects GitLab Community and Enterprise Edition prior to 10.8.7, 11.0.x prior to 11.0.5, and 11.1.x prior to 11.1.2. The vulnerability is a CSRF in the System Hooks Test feature. Exploitation would require user interaction (per CVSSv3: UI=REQUIRED; no privileges needed) and could i...
CVE-2018-14603
Removed by vendor...