Versa Concerto Improper Authentication Vulnerability

Versa Concerto SD-WAN orchestration platform contains an improper authentication vulnerability in the Traefik reverse proxy configuration, allowing at attacker to access administrative endpoints. The internal Actuator endpoint can be leveraged for access to heap dumps and trace logs...

EUVD-2011-1318

Malware in sbrugna...

EUVD-2017-10811

Malware in sbrugna...

EUVD-2013-3210

Malware in sbrugna...

EUVD-2020-25330

Malware in sbrugna...

EUVD-2018-12367

Malware in sbrugna...

EUVD-2019-14338

Malware in sbrugna...

EUVD-2025-16087

Malicious code in bioql PyPI...

EUVD-2023-34848

Malicious code in bioql PyPI...

EUVD-2022-24467

Malicious code in bioql PyPI...

EUVD-2025-27543

Malicious code in bioql PyPI...

CVE-2025-10221

Insertion of Sensitive Information into Log File CWE-532 in the ARP Agent component in AxxonSoft Axxon One / AxxonNet / C-WerkNet 2.0.4 and earlier on Windows platforms allows a local attacker to obtain plaintext credentials via reading TRACE log files containing serialized JSON with passwords...

CVE-2025-10221

Insertion of Sensitive Information into Log File CWE-532 in the ARP Agent component in AxxonSoft Axxon One / AxxonNet / C-WerkNet 2.0.4 and earlier on Windows platforms allows a local attacker to obtain plaintext credentials via reading TRACE log files containing serialized JSON with passwords...

CVE-2025-10221

CVE-2025-10221 concerns the ARP Agent component in AxxonSoft Axxon One / AxxonNet / C-WerkNet 2.0.4 and earlier on Windows. The root cause is insertion of sensitive information into TRACE log files, allowing a local attacker to read serialized JSON with passwords and obtain plaintext credentials....

PT-2025-37039

Name of the Vulnerable Software and Affected Versions: AxxonSoft Axxon One / AxxonNet versions 2.0.4 and earlier Description: The ARP Agent component in AxxonSoft Axxon One / AxxonNet contains a flaw where sensitive information is inserted into log files. A local attacker can obtain plaintext...

CVE-2022-1124

An improper authorization issue has been discovered in GitLab CE/EE affecting all versions prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and 14.10.0, allowing Guest project members to access trace log of jobs when it is enabled...

CVE-2025-34026

The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in the Traefik reverse proxy configuration, allowing at attacker to access administrative endpoints. The internal Actuator endpoint can be leveraged for access to heap dumps and trace logs.This issue is kno...

CVE-2025-34026

The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in the Traefik reverse proxy configuration, allowing at attacker to access administrative endpoints. The internal Actuator endpoint can be leveraged for access to heap dumps and trace logs.This issue is kno...

PT-2025-22440

Name of the Vulnerable Software and Affected Versions Versa Concerto versions 12.1.2 through 12.2.0 Description The Versa Concerto SD-WAN orchestration platform has an authentication bypass issue in the Traefik reverse proxy configuration. This allows an attacker to access administrative endpoint...

IBM OpenPages 安全漏洞

IBM OpenPages is an AI-driven, highly scalable governance, risk and compliance GRC solution from International Business Machines IBM. A security vulnerability exists in IBM OpenPages that stems from the possibility that under certain configurations, sensitive information may be written in plainte...