16 matches found
EUVD-2021-27069
Malware in sbrugna...
EUVD-2022-49120
Malicious code in bioql PyPI...
CVE-2025-46747
An authenticated user without user-management permissions could identify other user accounts...
CVE-2025-46747
An authenticated user without user-management permissions could identify other user accounts...
CVE-2025-46747 Exposure of Sensitive System Information
An authenticated user without user-management permissions could identify other user accounts...
CVE-2022-46303
Command injection in SMS notifications in Tribe29 Checkmk = 2.1.0p10, Checkmk = 2.0.0p27, and Checkmk = 1.6.0p29 allows an attacker with User Management permissions, as well as LDAP administrators in certain scenarios, to perform arbitrary commands within the context of the application's local...
Command injection
Command injection in SMS notifications in Tribe29 Checkmk = 2.1.0p10, Checkmk = 2.0.0p27, and Checkmk = 1.6.0p29 allows an attacker with User Management permissions, as well as LDAP administrators in certain scenarios, to perform arbitrary commands within the context of the application's local...
CVE-2022-46303
Command injection in SMS notifications in Tribe29 Checkmk = 2.1.0p10, Checkmk = 2.0.0p27, and Checkmk = 1.6.0p29 allows an attacker with User Management permissions, as well as LDAP administrators in certain scenarios, to perform arbitrary commands within the context of the application's local...
CVE-2022-46303 Command injection in SMS notifications
Command injection in SMS notifications in Tribe29 Checkmk = 2.1.0p10, Checkmk = 2.0.0p27, and Checkmk = 1.6.0p29 allows an attacker with User Management permissions, as well as LDAP administrators in certain scenarios, to perform arbitrary commands within the context of the application's local...
CVE-2022-46303 Command injection in SMS notifications
Command injection in SMS notifications in Tribe29 Checkmk = 2.1.0p10, Checkmk = 2.0.0p27, and Checkmk = 1.6.0p29 allows an attacker with User Management permissions, as well as LDAP administrators in certain scenarios, to perform arbitrary commands within the context of the application's local...
CVE-2022-46303
CVE-2022-46303 documents a command injection in SMS notifications for Tribe29 Checkmk prior to versions 2.1.0p10, 2.0.0p27, and 1.6.0p29. Affected by a vulnerability that allows an attacker with User Management permissions (and, in some scenarios, LDAP administrators) to run arbitrary commands wi...
UBUNTU-CVE-2021-23225
Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary web script or HTML in the "newusername" field during creation of a new user via "Copy" method at useradmin.php...
CVE-2021-23225
Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary web script or HTML in the "newusername" field during creation of a new user via "Copy" method at useradmin.php...
CVE-2010-5277
Unspecified vulnerability in the Views Bulk Operations module 6 before 6.x-1.10 for Drupal allows remote authenticated users with user management permissions to bypass intended access restrictions and delete anonymous users user 0 via unspecified vectors...
CVE-2010-5277
Unspecified vulnerability in the Views Bulk Operations module 6 before 6.x-1.10 for Drupal allows remote authenticated users with user management permissions to bypass intended access restrictions and delete anonymous users user 0 via unspecified vectors...
CVE-2010-5277
The CVE-2010-5277 issue affects the Drupal module Views Bulk Operations (VBO) for Drupal 6.x prior to 6.x-1.10 . The vulnerability allows remote authenticated users with user management permissions to bypass access restrictions and delete the anonymous user (user 0) via vectors described in the D...