CVE-2025-41280

Nozomi Networks Labs identified a CWE-23: Relative Path Traversal Zip Slip in Waterfall WF-500 RX Host in version 7.9.1.0 R2502171040 that allows attackers with access to the TX Host to execute code on the RX Host when a MySQL connector is configured and file compression is enabled...

EUVD-2025-41280

Malicious code in dewanto-miebogor71-miaww npm...

QNAP QTS / QuTS hero Multiple Vulnerabilities in QTS, QuTS hero (QSA-23-38)

The version of QNAP QTS / QuTS hero installed on the remote host is affected by multiple vulnerabilities as referenced in the QSA-23-38 advisory: - A heap-based buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could...

QNAP QTS Multiple Vulnerabilities (QSA-23-38)

QNAP QTS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qts"; ifdescription...

CVE-2023-41280

creationtimestamp| type| source ---|---|--- 2024-02-02 17:27:00+00:00| seen| https://t.me/ctinow/178177 2024-02-25 12:12:06+00:00| seen| https://t.me/ctinow/192853...

CVE-2023-41280

CVE-2023-41280 affects QNAP QTS/QuTS software (QTS 5.1.2.2533 build 20230926+, QuTS hero h5.1.2.2534 build 20230927+, QuTScloud c5.1.5.2651+) due to a buffer copy without input size validation. The issue could allow an authenticated administrator to execute code over the network. Remediation is p...

CVE-2022-41280

creationtimestamp| type| source ---|---|--- 2022-12-13 18:28:06+00:00| seen| https://t.me/cibsecurity/54435...

CVE-2022-41280

A vulnerability has been identified in JT2Go All versions V14.1.0.6, Teamcenter Visualization V13.2 All versions V13.2.0.12, Teamcenter Visualization V13.3 All versions V13.3.0.8, Teamcenter Visualization V14.0 All versions V14.0.0.4, Teamcenter Visualization V14.1 All versions V14.1.0.6. The...

CVE-2022-41280

Siemens VT/JT2Go are affected by a null pointer dereference in CGM_NIST_Loader.dll when parsing specially crafted CGM files. Affected products include JT2Go (all versions < 14.1.0.6) and Teamcenter Visualization (V13.2 <13.2.0.12, V13.3 <13.3.0.8, V14.0 <14.0.0.4, V14.1

CVE-2022-41280

A vulnerability has been identified in JT2Go All versions V14.1.0.6, Teamcenter Visualization V13.2 All versions V13.2.0.12, Teamcenter Visualization V13.3 All versions V13.3.0.8, Teamcenter Visualization V14.0 All versions V14.0.0.4, Teamcenter Visualization V14.1 All versions V14.1.0.6. The...

CVE-2021-41280

creationtimestamp| type| source ---|---|--- 2021-11-19 22:17:01+00:00| seen| https://t.me/cibsecurity/32730...

CVE-2021-41280

Sharetribe Go is a source available marketplace software. In affected versions operating system command injection is possible on installations of Sharetribe Go, that do not have a secret AWS Simple Notification Service SNS notification token configured via the snsnotificationtoken configuration...

CVE-2021-41280 OS command injection in Sharetribe Go

Sharetribe Go is a source available marketplace software. In affected versions operating system command injection is possible on installations of Sharetribe Go, that do not have a secret AWS Simple Notification Service SNS notification token configured via the snsnotificationtoken configuration...

CVE-2021-41280

CVE-2021-41280 affects Sharetribe Go (OS configuration) where an operating system command injection is possible in affected versions that do not configure the secret SNS notification token via the sns_notification_token parameter. The issue is mitigated by upgrading to version 10.2.1, where the p...