vulnerabilities and exploits

(subscribe to this query)

Teleport provides connectivity, authentication, access controls and audit for infrastructure. Community Edition versions before and including 17.5.1 are vulnerable to remote authentication bypass. At time of posting, there is no available open-source patch.

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. Prior to STS version 2.31.0 and LTS version 2.27.7, if a Portainer administrator can be convinced to re...

conda-smithy is a tool for combining a conda recipe with configurations to build using freely hosted CI services into a single repository. Prior to version 3.47.1, the travis_encrypt_binstar_token implementation in the conda-smithy package has been identified as vulnerable to an ...

Conda-forge Conda-smithy

conda-smithy is a tool for combining a conda recipe with configurations to build using freely hosted CI services into a single repository. Prior to version 3.47.1, the travis_headers function in the conda-smithy repository creates files with permissions exceeding 0o600, allowing ...

Conda-forge Conda-smithy

A post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an malicious user to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target syst...

Trendmicro Endpoint Encryption Policy Server 6.0.0.4013 Trend Micro, Inc. Trend Micro Endpoint Encryption Policy Server

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a post-authentication remote code execution on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target sy...

Trendmicro Endpoint Encryption Policy Server 6.0.0.4013 Trend Micro, Inc. Trend Micro Endpoint Encryption Policy Server

Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vulnerability that could allow a local malicious user to unintentionally delete privileged Trend Micro files including its own.

Trendmicro Maximum Security 2022 17.8 Trend Micro, Inc. Trend Micro Internet Security (consumer)

Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vulnerability that could allow a local malicious user to unintentionally delete privileged Trend Micro files including its own.

Trendmicro Maximum Security 2022 17.8 Trend Micro, Inc. Trend Micro Internet Security (consumer)

A post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an malicious user to escalate privileges on affected installations. This is similar to, but not identical to CVE-2025-49215. Please note: an attacker must first obtain the a...

Trendmicro Endpoint Encryption Policy Server 6.0.0.4013 Trend Micro, Inc. Trend Micro Endpoint Encryption Policy Server

An authentication bypass vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an malicious user to access key methods as an admin user and modify product configurations on affected installations.

Trendmicro Endpoint Encryption Policy Server 6.0.0.4013 Trend Micro, Inc. Trend Micro Endpoint Encryption Policy Server

1 Article

1 2 3 4 5 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook