CVE-2026-3428

A Download of Code Without Integrity Check vulnerability in the update modules in ASUS Member Center华硕大厅 allows a local user to achieve privilege escalation to Administrator via exploitation of a Time-of-check Time-of-use TOC-TOU during the update process, where an unexpected payload is substitut...

EUVD-2005-1304

Malware in sbrugna...

EUVD-2022-2428

Malicious code in bioql PyPI...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an ACPI/pfrupdate module driver update version checking error...

MAL-2025-32610 Malicious code in sadr-cache-update-module (npm)

The package sadr-cache-update-module was found to contain malicious code...

Linux Distros Unpatched Vulnerability : CVE-2015-7943

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.41, the jQuery Update module 7.x-2.x before 7.x-2.7 for Drupal, and the LABjs module...

jexboss

This is a Python script for a tool called JexBoss, which is designed to exploit vulnerabilities in JBoss Application Server and other Java platforms. The script is written in Python 2.7 and uses the urllib3 library for HTTP requests. The script has several modules, including exploits.py,...

CVE-2024-45450

Permission control vulnerability in the software update module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVE-2020-15887

A SQL injection vulnerability in softwareupdatecontroller.php in the Software Update module before 1.6 for MunkiReport allows attackers to execute arbitrary SQL commands via the last URL parameter of the /module/softwareupdate/gettabdata/ endpoint...

Huawei HarmonyOS and EMUI Privilege Control Vulnerability

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scene distributed operating system based on a microkernel.Huawei EMUI is an emotional operating system developed by Huawei based on Android Android. A privilege control vulnerability exists in Huawei...

CVE-2024-45450

Permission control vulnerability in the software update module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVE-2024-45450

Permission control vulnerability in the software update module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

Huawei EMUI和Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scene distributed operating system based on a microkernel.Huawei EMUI is an emotional operating system developed by Huawei based on Android Android. A privilege control vulnerability exists in Huawei...

PT-2024-31640 · Huawei · Emui +1

Name of the Vulnerable Software and Affected Versions: Software affected versions not specified Description: The issue is related to a permission control vulnerability in the software update module. Successful exploitation of this vulnerability may affect service confidentiality. Recommendations:...

PT-2023-36197 · Unknown +1 · Python-Pyzmq +1

Name of the Vulnerable Software and Affected Versions: salt versions prior to 3006.0 python-pyzmq versions prior to 17.1.2 Description: The update for salt and python-pyzmq fixes several issues, including collections Mapping issues, conflicts with Salt dependencies versions, and failures due to t...

Internet Download Manager v6.41 Build 3 - Remote Code Execution Vulnerability

Exploit Title: Internet Download Manager v6.41 Build 3 - Remote Code Execution RCE Exploit Author: M. Akil Gündoğan Contact: https://twitter.com/akilgundogan Vendor Homepage: https://www.internetdownloadmanager.com/ Software Link:...

Internet Download Manager v6.41 Build 3 - Remote Code Execution (RCE)

Exploit Title: Internet Download Manager v6.41 Build 3 - Remote Code Execution RCE Date: 15.11.2022 Exploit Author: M. Akil Gündoğan Contact: https://twitter.com/akilgundogan Vendor Homepage: https://www.internetdownloadmanager.com/ Software Link:...

CVE-2020-21119

CVE-2020-21119 refers to a SQL Injection vulnerability in Kliqqi-CMS 2.0.2. The issue resides in admin/admin_update_module_widgets.php, specifically in the recordIDValue parameter, enabling an attacker to gain escalated privileges and execute arbitrary code. The available connected documents cons...

GHSA-5VPR-V24W-MMJJ Drupal cross site scripting vulnerability

A jQuery cross site scripting vulnerability is present when making Ajax requests to untrusted domains. This vulnerability is mitigated by the fact that it requires contributed or custom modules in order to exploit. For Drupal 8, this vulnerability was already fixed in Drupal 8.4.0 in the Drupal...

Drupal core - Moderately critical - Cross site scripting - SA-CORE-2022-002

jQuery UI is a third-party library used by Drupal. This library was previously thought to be end-of-life. Late in 2021, jQuery UI announced that they would be continuing development, and released a jQuery UI 1.13.0 version. In addition to the issue covered by SA-CORE-2022-001, further security...