11 matches found
EUVD-2018-1004
Malware in sbrugna...
EUVD-2022-28942
Malicious code in bioql PyPI...
CVE-2025-55370
Incorrect access control in the component \controller\ResourceController.java of jshERP v3.5 allows unauthorized attackers to obtain all the corresponding ID data by modifying the ID value...
GHSA-XFM3-HJCC-GV78 Any value can be changed in the configuration table by an employee having access to block reassurance module
Impact An ajax function in module blockreassurance allows modifying any value in the configuration table Patches v5.1.4 Workarounds no workaround available References...
PrestaShop blockreassurance security breach
PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts and product image zoom. A security vulnerability exists in PrestaShop blockreassurance version 5.1.3 and earlier versions, which stems...
SUSE CVE-2010-0622
The wakefutexpi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly handle certain unlock operations for a Priority Inheritance PI futex, which allows local users to cause a denial of service OOPS and possibly have unspecified other impact via vectors involving...
CVE-2021-37001
There is a Register tampering vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow the register value to be modified...
Command injection
From Apache NiFi MiNiFi C++ version 0.5.0 the c2 protocol implements an "agent-update" command which was designed to patch the application binary. This "patching" command defaults to calling a trusted binary, but might be modified to an arbitrary value through a "c2-update" command. Said command ...
Design/Logic Flaw
The login implementation in AirDroid 1.0.4 beta allows remote attackers to bypass a multiple-login protection mechanism by modifying a pass value within JSON data...
PT-2008-5939 · Hummingbird · Hummingbird Deployment Wizard
Name of the Vulnerable Software and Affected Versions: Hummingbird Deployment Wizard 2008 version 10.0.0.44 Description: The issue concerns insecure methods in the DeployRun.DeploymentSetup.1 ActiveX control, allowing remote attackers to execute arbitrary programs via the Run and PerformUpdateAsy...
ruby -- arbitrary command execution on XMLRPC server
Nobuhiro IMAI reports: the default value modification on Modulepublicinstancemethods from false to true breaks s.addhandlerXMLRPC::iPIMethods"sample", MyHandler.new style security protection. This problem could allow a remote attacker to execute arbitrary commands on XMLRPC server of libruby...