📦 SINEC INS

by Siemens



⚠️ Known Vulnerabilities

CVE-2024-46890

CRITICAL CVSS 9.1 Nov 12, 2024

This vulnerability allows authenticated remote attackers with high privileges in SINEC INS to execute arbitrary operating system commands through improper input validation in the web API. All versions...

CVE-2023-48428

HIGH CVSS 7.2 Dec 12, 2023

This vulnerability in SINEC INS allows malicious administrators to upload specially crafted certificates through the RADIUS configuration mechanism, bypassing validation checks. Successful exploitatio...

CVE-2022-32212

HIGH CVSS 8.1 Jul 14, 2022

This CVE describes an OS command injection vulnerability in Node.js that allows attackers to bypass host validation checks and perform DNS rebinding attacks. It affects Node.js applications that make ...

CVE-2021-25217

HIGH CVSS 7.4 May 26, 2021

A memory corruption vulnerability in ISC DHCP allows attackers to cause denial of service by crashing dhclient or dhcpd processes when they parse malicious lease files. The vulnerability affects DHCP ...

CVE-2021-23337

HIGH CVSS 7.2 Feb 15, 2021

Lodash versions before 4.17.21 contain a command injection vulnerability in the template function that allows attackers to execute arbitrary commands on the host system. This affects any application u...

CVE-2024-46889

MEDIUM CVSS 5.3 Nov 12, 2024

SINEC INS versions before V1.0 SP2 Update 3 use hard-coded cryptographic keys to obfuscate configuration files, allowing attackers to reverse-engineer the application binary to obtain these keys and d...

CVE-2024-46892

MEDIUM CVSS 4.9 Nov 12, 2024

This vulnerability allows authenticated attackers to maintain active sessions even after their user accounts have been disabled or deleted in SINEC INS. Attackers could continue performing malicious a...