PHOENIX CONTACT多款产品 安全漏洞

PHOENIX CONTACT FL MGUARD 2102, among others, are products of the German company PHOENIX CONTACT. PHOENIX CONTACT FL MGUARD 2102 is a router. PHOENIX CONTACT FL MGUARD 2105 is also a router. PHOENIX CONTACT FL MGUARD represents a series of routers. Several products from PHOENIX CONTACT have...

CVE-2026-2105

Summary (CVE-2026-2105). A flaw exists in the yeqifu warehouse project, specifically in the Department Management component. The vulnerability affects the DeptController.java functions addDept, updateDept, and deleteDept, causing improper authorization. Exploitation is described as remote; an exp...

MiracleLinux 7 : openssl-1.0.1e-51.el7.5 (AXSA:2016-230:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-230:03 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries...

CVE-2019-2105

In FileInputStream::Read of fileinputstream.cc, there is a possible memory corruption due to uninitialized data. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2023-52163link is external Digiever DS-2105 Pro Missing Authorization Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber...

Digiever DS-2105 Pro Missing Authorization Vulnerability

Digiever DS-2105 Pro contains a missing authorization vulnerability which could allow for command injection via timetzsetup.cgi...

CVE-2024-2105

creationtimestamp| type| source ---|---|--- 2025-12-10 15:42:23+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m7nfjxpm7v2y 2025-12-11 09:04:24+00:00| seen| https://infosec.exchange/users/certvde/statuses/115700128904081487...

EUVD-2022-2105

Malicious code in bioql PyPI...

CVE-2022-41204

An attacker can change the content of an SAP Commerce - versions 1905, 2005, 2105, 2011, 2205, login page through a manipulated URL. They can inject code that allows them to redirect submissions from the affected login form to their own server. This allows them to steal credentials and hijack...

CVE-2006-2105

Directory traversal vulnerability in index.php in Jupiter CMS 1.1.4 and 1.1.5 allows remote attackers to read arbitrary files via ".." sequences terminated by a %00 null character in the n parameter...

CVE-2025-2105 Jupiter X Core <= 4.8.11 - Unauthenticated PHP Object Injection via PHAR

The Jupiter X Core plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.8.11 via deserialization of untrusted input from the 'file' parameter of the 'ravendownloadfile' function. This makes it possible for attackers to inject a PHP Object through a PH...

CVE-2025-2105

CVE-2025-2105 (Jupiter X Core) affects WordPress Jupiter X Core plugin up to version 4.8.11. Vulnerability: PHP Object Injection via deserialization of untrusted input from the ‘file’ parameter of raven_download_file, enabling injection of a PHP object through a PHAR file. Impact is contingent on...

WordPress Jupiter X Core plugin <= 4.8.11 - Unauthenticated PHP Object Injection via PHAR vulnerability

Unauthenticated PHP Object Injection via PHAR vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin JupiterX Core versions = 4.8.11...

Linux Distros Unpatched Vulnerability : CVE-2016-2105

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in the EVPEncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a deni...

CVE-2023-52164

accessdevice.cgi on Digiever DS-2105 Pro 3.1.0.71-11 devices allows arbitrary file read. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

CVE-2023-52163

Digiever DS-2105 Pro 3.1.0.71-11 devices allow timetzsetup.cgi Command Injection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

CVE-2023-52163

Digiever DS-2105 Pro 3.1.0.71-11 devices allow timetzsetup.cgi Command Injection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

CVE-2023-52164

accessdevice.cgi on Digiever DS-2105 Pro 3.1.0.71-11 devices allows arbitrary file read. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

CVE-2023-52163

Digiever DS-2105 Pro 3.1.0.71-11 devices allow timetzsetup.cgi Command Injection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

CVE-2023-52164

accessdevice.cgi on Digiever DS-2105 Pro 3.1.0.71-11 devices allows arbitrary file read. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...