27 matches found
EUVD-2000-0434
Malware in sbrugna...
EUVD-2020-24616
Malware in sbrugna...
EUVD-2022-29674
Malicious code in bioql PyPI...
EUVD-2024-50625
Malicious code in bioql PyPI...
EUVD-2022-29672
Malicious code in bioql PyPI...
CVE-2024-5890
ServiceNow has addressed an HTML injection vulnerability that was identified in the Now Platform. This vulnerability could potentially enable an unauthenticated user to modify a web page or redirect users to another website. ServiceNow released updates to customers that addressed this...
CVE-2024-12142
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause information disclosure of restricted web page, modification of web page and denial of service when specific web pages are modified and restricted functions are invoked...
CVE-2024-12142
Schneider Electric Modicon M340, BMXNOE0100/0110 and BMXNOR0200H are affected by CVE-2024-12142 (CWE-200: Exposure of Sensitive Information to an Unauthorized Actor). The vulnerability allows information disclosure for restricted web pages, modification of web pages, and denial of service when sp...
CVE-2024-12142
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause information disclosure of restricted web page, modification of web page and denial of service when specific web pages are modified and restricted functions are invoked...
CVE-2024-12142
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause information disclosure of restricted web page, modification of web page and denial of service when specific web pages are modified and restricted functions are invoked...
Schneider Electric Modicon M340 信息泄露漏洞
The Schneider Electric Modicon M340 is a mid-range PLC programmable logic controller for industrial processes and infrastructure from Schneider Electric France. An information disclosure vulnerability exists in the Schneider Electric Modicon M340, which stems from the inclusion of an Exposure of...
CVE-2024-5890
Technical details beyond the description are not provided in the connected documents. Monitor for updates from ServiceNow and vendors; apply patches when available.
ServiceNow Now Platform 安全漏洞
ServiceNow Now Platform is a cloud-based platform from US-based ServiceNow that uses AI and machine learning to automate and optimize work across the enterprise. A security vulnerability exists in ServiceNow Now Platform that stems from the presence of an HTML injection vulnerability that could...
OpenCMS Cross-Site Scripting vulnerability
Two Cross-Site Scripting vulnerabilities have been discovered in Alkacon's OpenCMS affecting version 16, which could allow a user: with sufficient privileges to create and modify web pages through the admin panel, can execute malicious JavaScript code, after inserting code in the title field...
ROS-20230911-07
A vulnerability in the Moodle virtual learning environment is related to insufficient validation of user input data. data, an attacker could send a specially crafted HTTP request and make the application initiate requests to arbitrary systems. Exploitation of the vulnerability could allow an...
CVE-2022-45150
A reflected cross-site scripting vulnerability was discovered in Moodle. This flaw exists due to insufficient sanitization of user-supplied data in policy tool. An attacker can trick the victim to open a specially crafted link that executes an arbitrary HTML and script code in user's browser in...
CVE-2022-45150
A reflected cross-site scripting vulnerability was discovered in Moodle. This flaw exists due to insufficient sanitization of user-supplied data in policy tool. An attacker can trick the victim to open a specially crafted link that executes an arbitrary HTML and script code in user's browser in...
CVE-2021-1420
A vulnerability in certain web pages of Cisco Webex Meetings could allow an unauthenticated, remote attacker to modify a web page in the context of a user's browser. The vulnerability is due to improper checks on parameter values in affected pages. An attacker could exploit this vulnerability by...
Design/Logic Flaw
A vulnerability in certain web pages of Cisco Webex Meetings could allow an unauthenticated, remote attacker to modify a web page in the context of a user's browser. The vulnerability is due to improper checks on parameter values in affected pages. An attacker could exploit this vulnerability by...
Siemens XHQ SQL Injection Vulnerability
Siemens XHQ is a software platform that aggregates plant or pipeline operational data, processes it in a goal-oriented manner, and then makes decisions in real time to effectively improve plant or pipeline operational performance. A SQL injection vulnerability exists in Siemens XHQ versions prior...