38 matches found
CVE-2026-28532
FRRouting before 10.5.3 contains an integer overflow vulnerability in seven OSPF Traffic Engineering and Segment Routing TLV parser functions where a uint16_t accumulator variable truncates uint32_t values returned by the TLV_SIZE macro, causing the loop termination condition to fail while pointer...
PT-2025-34367 · Unknown · Mcsmanager
Name of the Vulnerable Software and Affected Versions: MCSManager version 10.5.3. Description: The MCSManager daemon process runs with root privileges by default. Sensitive data, including tokens and terminal content, is stored in a data directory accessible to all users. This allows unauthorized...
MCSManager Panel Security Vulnerability
MCSManager Panel is an open source game server administration panel from MCSManager. A security vulnerability exists in MCSManager Panel version 10.5.3, which stems from a daemon running as root by default and sensitive data being readable by all users, which may result in elevated privileges...
CVE-2024-49558
Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contains an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...
CVE-2024-49557
Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contains an Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code...
CVE-2024-48838
Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contains a Files or Directories Accessible to External Parties vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Filesystem access for attacker...
CVE-2024-48837
Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contains an Execution with Unnecessary Privileges vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution...
CVE-2024-49560
Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contains a command injection vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution...
PT-2024-8150 · Dell · Os10
Name of the Vulnerable Software and Affected Versions: Dell SmartFabric OS10 Software versions 10.5.3.x through 10.5.6.x. Description: The issue is related to a command injection vulnerability. A low-privileged attacker with local access could potentially exploit this vulnerability, leading to...
PT-2024-8147 · Dell · Os10
Name of the Vulnerable Software and Affected Versions: Dell SmartFabric OS10 versions 10.5.3.x through 10.5.6.x. Description: The issue is related to improper privilege management in the network operating system, which could allow an attacker to elevate their privileges. A low-privileged attacker...
CVE-2024-39577
Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contains an Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability leading to code...
Dell SmartFabric OS10 Command Injection Vulnerability
Dell SmartFabric OS10 is a Linux-based network switch operating system from Dell USA. A command injection vulnerability exists in Dell SmartFabric OS10 versions 10.5.6.x, 10.5.5.x, 10.5.4.x, and 10.5.3.x. The vulnerability, which stems from improper neutralization of a special element, could lead...
Dell SmartFabric OS10 Resource Management Error Vulnerability
Dell SmartFabric OS10 is a set of Linux-based network switch operating systems from Dell USA. A resource management error vulnerability exists in Dell SmartFabric OS10 versions 10.5.6.x, 10.5.5.x, 10.5.4.x, and 10.5.3.x. The vulnerability stems from an authenticated user having physical access to...
PT-2024-27321 · Dell · Os10
Name of the Vulnerable Software and Affected Versions: Dell SmartFabric OS10 Software, versions 10.5.3.x through 10.5.6.x. Description: The issue is related to an Uncontrolled Resource Consumption vulnerability. A remote unauthenticated host could potentially exploit this vulnerability, leading to...
Directus Security Vulnerabilities
Directus is a real-time API and application dashboard. It is used to manage SQL database content. A security vulnerability exists in Directus versions 9.23.0 through 10.5.3 that stems from incorrect handling of the in, nin operators...
CVE-2024-25949
Dell OS10 Networking Switches, versions 10.5.6.x, 10.5.5.x, 10.5.4.x and 10.5.3.x, contain an improper authorization vulnerability. A remote authenticated attacker could potentially exploit this vulnerability leading to escalation of privileges...
PT-2024-21238 · Dell · Dell Os10 Networking Switches
Name of the Vulnerable Software and Affected Versions: Dell OS10 Networking Switches versions 10.5.3.x through 10.5.6.x. Description: The issue is related to an improper authorization vulnerability. A remote authenticated attacker could potentially exploit this vulnerability, leading to escalation...
CVE-2024-35239 Stored Cross-site Scripting on Components of Umbraco Forms
Umbraco Commerce is an open source dotnet web forms solution. In affected versions an authenticated user that has access to edit Forms may inject unsafe code into Forms components. This issue can be mitigated by configuring TitleAndDescription:AllowUnsafeHtmlRendering after upgrading to one of th...
Umbraco Commerce Cross-Site Scripting Vulnerability
Umbraco Commerce is an e-commerce solution from Umbraco, Denmark. A cross-site scripting vulnerability exists in Umbraco Commerce that stems from a stored cross-site scripting (XSS) vulnerability in a component of Umbraco Forms. Affected products and versions: Umbraco Commerce versions prior to...
Security Bulletin: IBM DataPower Gateway vulnerable to directory traversal issue
Summary: IBM has addressed the CVE. Vulnerability Details: CVEID: CVE-2023-46177. DESCRIPTION: IBM MQ Appliance 9.3 LTS and 9.3 CD could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request to view arbitrary files on the system. IBM...