15 matches found
EUVD-2020-26744
Malware in sbrugna...
EUVD-2002-0790
Malware in sbrugna...
EUVD-2018-14492
Malware in sbrugna...
EUVD-2000-0367
Malware in sbrugna...
EUVD-2024-17383
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-22244
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper authorization in the vulnerability report feature in GitLab EE affecting all versions since 13.1 allowed a reporter to access vulnerability data...
CVE-2024-4319
The Advanced Contact form 7 DB plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'vszcf7exporttoexcel' function in versions up to, and including, 2.0.2. This makes it possible for unauthenticated attackers to download the entry data for...
CVE-2022-45166
An issue was discovered in Archibus Web Central 2022.03.01.107. A service exposed by the application accepts a set of user-controlled parameters that are used to act on the data returned to the user. It allows a basic user to access data unrelated to their role...
CVE-2022-31472
Browse restriction bypass vulnerability in Cabinet of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to obtain the data of Cabinet...
CVE-2022-39406
Vulnerability in the PeopleSoft Enterprise Common Components product of Oracle PeopleSoft (component: Approval Framework). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise...
BIT-GITLAB-2021-22244
Improper authorization in the vulnerability report feature in GitLab EE affecting all versions since 13.1 allowed a reporter to access vulnerability data...
Missing Permission Checks
com.hazelcast:hazelcast is vulnerable to Missing Permission Checks. The vulnerability is due to some client operations not checking permissions properly. This flaw allows authenticated users to access data stored in the cluster...
CVE-2022-47411
An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via unsubscribeAction operations...
icc-industrial.com Improper Access Control vulnerability
Open Bug Bounty ID: OBB-1153999. Security researcher kun-fly (helped patch 790 vulnerabilities; received 7 Coordinated Disclosure badges; received 43 recommendations), a holder of 7 badges for responsible and coordinated disclosure, found a security vulnerability affecting icc-industrial.com website...
CVE-2017-3571
CVE-2017-3571 affects Oracle PeopleSoft Enterprise SCM eBill Payment (component: Security) version 9.2. A vulnerability allows a high-privilege attacker with network access via HTTP to compromise the SCM eBill Payment component, potentially enabling unauthorized creation, deletion or modification...