Linux Distros Unpatched Vulnerability : CVE-2025-32916
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Potential use of sensitive information in GET requests in Checkmk GmbH's Checkmk versions 2.4.0p13, 2.3.0p38, 2.2.0p46, and 2.1.0 EOL may cause sensitive form...
EUVD-2009-2932
Malware in sbrugna...
EUVD-2001-1383
Malware in sbrugna...
EUVD-2004-0705
Malware in sbrugna...
EUVD-2011-4770
Malware in sbrugna...
EUVD-2011-1837
Malware in sbrugna...
EUVD-2024-39566
Malicious code in bioql PyPI...
Ilevia EVE X1 Server 4.7.18.0.eden Credentials Leak Through Log Disclosure
Summary: EVE is a smart home and building automation solution designed for both residential and commercial environments, including malls, hotels, restaurants, bars, gyms, spas, boardrooms, and offices. It enables comprehensive control and monitoring of electrical installations through a highly...
copyparty vulnerable to path traversal attack
Summary: All versions before 1.8.2 have a path traversal vulnerability, allowing an attacker to download unintended files from the server. Details: Unauthenticated users were able to retrieve any files which are accessible according to OS-level permissions from the copyparty process. Usually, this ...
Exploit for Missing Authentication for Critical Function in F5 Big-Ip_Access_Policy_Manager
CVE-2022-1388-Exploit Test and Exploit Scripts for CVE 2022-13...
CVE-2021-3036
An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where secrets in PAN-OS XML API requests are logged in cleartext to the web server logs when the API is used incorrectly. This vulnerability applies only to PAN-OS appliances that are configured to...
CVE-2021-3036 PAN-OS: Administrator secrets are logged in web server logs when using the PAN-OS XML API incorrectly
An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where secrets in PAN-OS XML API requests are logged in cleartext to the web server logs when the API is used incorrectly. This vulnerability applies only to PAN-OS appliances that are configured to...
CVE-2021-3036
The CVE-2021-3036 issue affects Palo Alto Networks PAN-OS where secrets are logged in cleartext in web server logs when the PAN-OS XML API is used with duplicate API parameters. Affected component: PAN-OS XML API request handling; root cause: logging of administrator credentials (username, passwo...
PAN-OS: Administrator secrets are logged in web server logs when using the PAN-OS XML API incorrectly
An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where secrets in PAN-OS XML API requests are logged in cleartext to the web server logs when the API is used incorrectly. This vulnerability applies only to PAN-OS appliances that are configured to...
Heineking Media stashcat app information disclosure vulnerability
Heineking Media stashcat app is an instant messaging application from Heineking Media, Germany. An information disclosure vulnerability exists in Heineking Media stashcat app version 3.9.1 and prior versions, which can be exploited by an attacker to obtain sensitive information by reading web...
Microsoft Office SharePoint CVE-2019-1032 Cross Site Scripting Vulnerability
Description: Microsoft Office SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...
reversemap - Analyse SQL injection attempts in web server logs
Analyse SQL injection attempts in web server logs. The program can either be run in batch mode or interactive mode. In batch mode the program will accept Apache web server logs and will deobfuscate requested URLs from the logs. In interactive mode the program will prompt for user input and will...
Uber: Blind OOB XXE At "http://ubermovement.com/"
Test Summary: POST data was set to &dtgmlf6ent; An HTTP request was initiated for the domain http://122.180.248.81/ which indicates that this script is vulnerable to XXE injection. NOTE: As it was a blind XXE test, I was successful in the ping test for XXE, but unable to retrieve any sensitive...
CVE-2014-6075
IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2 before 7.2.4 Patch 1, place credentials in URLs, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-serv...
Authentication flaw
report.cgi in Google Urchin allows remote attackers to bypass authentication and obtain sensitive information (web server logs) via certain modified query parameters, as demonstrated using the profile, rid, prefs, n, vid, bd, ed, dt, and gtype parameters, a different vulnerability than CVE-2007-511...