Lucene search

35 matches found

EUVD
added 2025/10/07 12:30 a.m. | 1 view

EUVD-2009-0011

Malware in sbrugna...

CVSS 6 | AI score 6.2 | EPSS 0.00419
Exploits: 0 | References: 9

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2020-7324

Malware in sbrugna...

CVSS 7.5 | AI score 7.6 | EPSS 0.00232
Exploits: 1 | References: 3

RedhatCVE
added 2025/05/22 3:52 p.m. | 6 views

CVE-2020-15327

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 uses ZODB storage without authentication...

CVSS 7.5 | AI score 7 | EPSS 0.00232
Exploits: 1

Veracode
added 2024/05/09 10:42 a.m. | 16 views

Authentication Bypass

Zope Object Database ZODB Authentication Bypass. The vulnerability is due to certain configurations of Zope Enterprise Objects ZEO database sharing, which can be exploited by remote attackers via vectors involving the ZEO network protocol...

CVSS 7.5 | AI score 6.7 | EPSS 0.00651
Exploits: 0 | References: 9 | Affected Software: 1

CNVD
added 2022/10/08 12:0 a.m. | 16 views

Zyxel CloudCNM SecuManager Trust Management Issue Vulnerability (CNVD-2022-68082)

Zyxel ZyXEL CloudCNM SecuManager is a suite of network management software from Zyxel Taiwan, China. A trust management issue vulnerability exists in Zyxel CloudCNM SecuManager ZODB, which can be exploited by remote attackers to submit a special request and obtain sensitive information without...

CVSS 7.5 | AI score 7.4 | EPSS 0.00232
Exploits: 1 | References: 1

NVD
added 2022/09/29 3:15 a.m. | 10 views

CVE-2020-15327

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 uses ZODB storage without authentication...

CVSS 7.5 | EPSS 0.00232
Exploits: 1 | References: 2

Prion
added 2022/09/29 3:15 a.m. | 18 views

Authentication flaw

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 uses ZODB storage without authentication...

CVSS 5 | AI score 7.6 | EPSS 0.00232
Exploits: 1 | References: 2 | Affected Software: 1

OSV
added 2022/05/02 3:37 a.m. | 17 views

GHSA-M52M-2QPX-9J4J Zope Object Database (ZODB) Arbitrary files reading and deletion

Unspecified vulnerability in the Zope Enterprise Objects ZEO storage-server functionality in Zope Object Database ZODB 3.8 before 3.8.3 and 3.9.x before 3.9.0c2, when certain ZEO database sharing and blob support are enabled, allows remote authenticated users to read or delete arbitrary files via...

CVSS 9.8 | AI score 6.1 | EPSS 0.00419
Exploits: 0 | References: 6

OSV
added 2022/05/02 3:17 a.m. | 12 views

GHSA-5432-C996-HVHJ Zope Object Database (ZODB) Authentication bypass in ZEO storage servers

Zope Object Database ZODB before 3.8.2, when certain Zope Enterprise Objects ZEO database sharing is enabled, allows remote attackers to bypass authentication via vectors involving the ZEO network protocol...

CVSS 8.7 | AI score 6.4 | EPSS 0.00651
Exploits: 0 | References: 6

Github Security Blog
added 2022/05/02 3:17 a.m. | 12 views

Zope Object Database (ZODB) Authentication bypass in ZEO storage servers

Zope Object Database ZODB before 3.8.2, when certain Zope Enterprise Objects ZEO database sharing is enabled, allows remote attackers to bypass authentication via vectors involving the ZEO network protocol...

CVSS 7.5 | AI score 7 | EPSS 0.00651
Exploits: 0 | References: 6 | Affected Software: 1

Github Security Blog
added 2022/05/02 3:17 a.m. | 11 views

Zope Object Database (ZODB) vulnerable to arbitrary Python code execution in ZEO storage servers

Unspecified vulnerability in Zope Object Database ZODB before 3.8.2, when certain Zope Enterprise Objects ZEO database sharing is enabled, allows remote attackers to execute arbitrary Python code via vectors involving the ZEO network protocol...

CVSS 6.5 | AI score 7.5 | EPSS 0.0064
Exploits: 0 | References: 9 | Affected Software: 1

OSV
added 2021/03/08 9:15 p.m. | 8 views

CVE-2021-21336

Products.PluggableAuthService is a pluggable Zope authentication and authorization framework. In Products.PluggableAuthService before version 2.6.0 there is an information disclosure vulnerability - everyone can list the names of roles defined in the ZODB Role Manager plugin if the site uses this...

CVSS 6.5 | AI score 6.3
Exploits: 0 | References: 5

PyPA
added 2021/03/08 9:15 p.m. | 4 views

PYSEC-2021-44

Products.PluggableAuthService is a pluggable Zope authentication and authorization framework. In Products.PluggableAuthService before version 2.6.0 there is an information disclosure vulnerability - everyone can list the names of roles defined in the ZODB Role Manager plugin if the site uses this...

CVSS 6.5 | AI score 6.5 | EPSS 0.00324
Exploits: 0 | References: 3 | Affected Software: 1

OSV
added 2021/03/08 9:15 p.m. | 23 views

PYSEC-2021-44

Products.PluggableAuthService is a pluggable Zope authentication and authorization framework. In Products.PluggableAuthService before version 2.6.0 there is an information disclosure vulnerability - everyone can list the names of roles defined in the ZODB Role Manager plugin if the site uses this...

CVSS 6.5 | AI score 2.3 | EPSS 0.00324
Exploits: 0 | References: 3

Cvelist
added 2020/06/26 2:47 p.m. | 15 views

CVE-2020-15327

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 uses ZODB storage without authentication...

AI score 7.6 | EPSS 0.00232
Exploits: 1 | References: 2

CVE
added 2020/06/26 2:47 p.m. | 37 views

CVE-2020-15327

The CVE-2020-15327 issue affects Zyxel CloudCNM SecuManager versions 3.1.0 and 3.1.1. The root cause is the use of ZODB storage without authentication, which can allow remote access to stored data without credentials. Public references align on a trust-management vulnerability leading to potentia...

CVSS 7.5 | AI score 7.5 | EPSS 0.00232
Exploits: 1 | References: 2 | Affected Software: 1

0day.today
added 2020/03/17 12:0 a.m. | 331 views

Zyxel CNM SecuManager 3.1.0 / 3.1.1 Hardcoded Keys / XSS / Code Execution Vulnerabilities

Zyxel CNM SecuManager versions 3.1.0 and 3.1.1 suffer from having hard-coded secrets, missing authentication, backdoors, and remote code execution vulnerabilities. Zyxel CNM SecuManager 3.1.0 / 3.1.1 Hardcoded Keys / XSS / Code Execution The HTML version on "Multiple vulnerabilities found in Zyxe...

AI score 0.9
Exploits: 0

Packet Storm
added 2020/03/15 12:0 a.m. | 149 views

Zyxel CNM SecuManager 3.1.0 / 3.1.1 Hardcoded Keys / XSS / Code Execution

Hello, Please find a text-only version below sent to security mailing lists. The HTML version on "Multiple vulnerabilities found in Zyxel CNM SecuManager" is posted here: https://pierrekim.github.io/blog/2020-03-09-zyxel-secumanager-0day-vulnerabilities.html === text-version of the advisory ===...

AI score 0.1
Exploits: 0

OpenVAS
added 2011/08/03 12:0 a.m. | 15 views

Debian: Security Advisory (DSA-2234-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 6.5 | EPSS 0.00651
Exploits: 0 | References: 3

OpenVAS
added 2011/08/03 12:0 a.m. | 18 views

Debian Security Advisory DSA 2234-1 (zodb)

The remote host is missing an update to zodb announced via advisory DSA 2234-1. OpenVAS Vulnerability Test $Id: deb22341.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2234-1 zodb Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...

CVSS 7.5 | AI score 0.7 | EPSS 0.00651
Exploits: 0