30 matches found
EUVD-2020-6645
Malware in sbrugna...
EUVD-2023-34351
Malicious code in bioql PyPI...
EUVD-2023-48037
Malicious code in bioql PyPI...
EUVD-2025-21410
Malicious code in bioql PyPI...
CVE-2025-6265
CVE-2025-6265 affects Zyxel NWA50AX PRO firmware versions 7.10(ACGE.2) and earlier. A path traversal vulnerability exists in the file_upload-cgi CGI program that could allow an authenticated administrator to access certain directories and delete files (e.g., the configuration file) on the device....
Canonical Ubuntu Linux SEoL (7.10.x)
According to its version, Canonical Ubuntu Linux is 7.10.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities.
Cesanta Mongoose Web Server 7.10 Heap-based Buffer Overflow Vulnerability
Cesanta Mongoose Web Server is prone to a heap-based buffer overflow vulnerability.
CVE-2023-2905
Due to a failure in validating the length of a provided MQTT_CMD_PUBLISH parsed message with a variable length header, Cesanta Mongoose, an embeddable web server, version 7.10 is susceptible to a heap-based buffer overflow vulnerability in the default configuration. Version 7.9 and prior does not...
CVE-2023-2905
CVE-2023-2905 affects Cesanta Mongoose (embedded web server). The vulnerability is a heap-based buffer overflow caused by not validating the length of MQTT_CMD_PUBLISH parsed messages with a variable-length header in version 7.10. Versions 7.9 and earlier are not affected; the issue is resolved i...
CVE-2023-2905 Cesanta Mongoose MQTT Message Parsing Heap Overflow
Due to a failure in validating the length of a provided MQTT_CMD_PUBLISH parsed message with a variable length header, Cesanta Mongoose, an embeddable web server, version 7.10 is susceptible to a heap-based buffer overflow vulnerability in the default configuration. Version 7.9 and prior does not...
SAP Enterprise Portal Cross-Site Scripting Vulnerability
SAP Enterprise Portal is an application from SAP, Germany. A comprehensive integration and application platform that facilitates the alignment of people, information and business processes across organizational and technological boundaries. A cross-site scripting vulnerability in SAP Enterprise...
CVE-2021-27617
The Integration Builder Framework of SAP Process Integration versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently validate an XML document uploaded from local source. An attacker can craft a malicious XML which when uploaded and parsed by the application, could lead to...
SAP NetWeaver AS JAVA Reverse Tabnabbing (2976947)
SAP Netweaver Application Server Java Applications based on WebDynpro Java versions 7.00, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allow an attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities. Note that Nessus has not tested for this issue but has instead...
Privilege escalation
ActFax Version 7.10 Build 0335 2020-05-25 is susceptible to a privilege escalation vulnerability due to insecure folder permissions on %PROGRAMFILES%\ActiveFax\Client, %PROGRAMFILES%\ActiveFax\Install\ and %PROGRAMFILES%\ActiveFax\Terminal. The folder permissions allow "Full Control" to...
CVE-2020-15843
ActFax Version 7.10 Build 0335 2020-05-25 is susceptible to a privilege escalation vulnerability due to insecure folder permissions on %PROGRAMFILES%\ActiveFax\Client, %PROGRAMFILES%\ActiveFax\Install\ and %PROGRAMFILES%\ActiveFax\Terminal. The folder permissions allow "Full Control" to...
SalesAgility SuiteCRM Input Validation Error Vulnerability
SalesAgility SuiteCRM is a suite of enterprise-grade open source customer relationship management (CRM). An input validation error vulnerability exists in SalesAgility SuiteCRM versions 7.10.x prior to 7.10.23 and 7.11.x prior to 7.11.11. An attacker could exploit the vulnerability to bypass securi...
CVE-2020-8783
SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow SQL Injection issue 1 of 4...
CVE-2019-14752
SuiteCRM 7.10.x and 7.11.x before 7.10.20 and 7.11.8 has XSS...
CVE-2019-16922
SuiteCRM 7.10.x before 7.10.20 and 7.11.x before 7.11.8 allows unintended public exposure of files...
Apple iCloud Security Updates (HT209451) - Windows
Apple iCloud is prone to multiple vulnerabilities.