CVE-2026-39815

Fortinet FortiDDoS-F versions 7.2.1–7.2.2 are described as vulnerable to an improper neutralization of special elements used in an SQL command (SQL injection). The issue could allow an attacker to execute unauthorized code or commands via an attack vector. The connected documents do not provide e...

CVE-2026-39815

A improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet FortiDDoS-F 7.2.1 through 7.2.2 may allow attacker to execute unauthorized code or commands via sending crafted HTTP requests...

Fortinet FortiDDoS-F 安全漏洞

Fortinet FortiDDoS-F is a distributed denial-of-service protection system developed by the American company Fortinet. Versions 7.2.1 to 7.2.2 of Fortinet FortiDDoS-F contain security vulnerabilities. These vulnerabilities stem from improper handling of special elements within SQL commands, which...

PT-2026-32694

A improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet FortiDDoS-F 7.2.1 through 7.2.2 may allow attacker to execute unauthorized code or commands via sending crafted HTTP requests...

CVE-2020-7934

In LifeRay Portal CE 7.1.0 through 7.2.1 GA2, the First Name, Middle Name, and Last Name fields for user accounts in MyAccountPortlet are all vulnerable to a persistent XSS issue. Any user can modify these fields with a particular XSS payload, and it will be stored in the database. The payload wi...

CVE-2025-64156

An improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet FortiVoice 7.2.0 through 7.2.2, FortiVoice 7.0.0 through 7.0.7, FortiVoice 6.4 all versions, FortiVoice 6.0 all versions may allow an authenticated privileged attacker to execute...

CVE-2024-45538

Cross-Site Request Forgery CSRF vulnerability in WebAPI Framework in Synology DiskStation Manager DSM before 7.2.1-69057-2 and 7.2.2-72806 and Synology Unified Controller DSMUC before 3.1.4-23079 allows remote attackers to execute arbitrary code via unspecified vectors...

EUVD-2021-14111

Malware in sbrugna...

EUVD-2018-7483

Malware in sbrugna...

EUVD-2020-18162

Malware in sbrugna...

CVE-2025-9670

A security flaw has been discovered in mixmark-io turndown up to 7.2.1. This affects an unknown function of the file src/commonmark-rules.js. Performing manipulation results in inefficient regular expression complexity. It is possible to initiate the attack remotely. The exploit has been released...

Turndown 安全漏洞

Turndown is an HTML to Markdown converter open source by mixmark-io. A security vulnerability exists in Turndown 7.2.1 and earlier versions, which stems from a regular expression inefficiency in the file src/commonmark-rules.js that could lead to a denial-of-service attack...

Linux Distros Unpatched Vulnerability : CVE-2021-27351

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through 2.4.7 for Windows and UNIX, fails to invalidate a recently acti...

Linux Distros Unpatched Vulnerability : CVE-2019-11578

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - auth.c in dhcpcd before 7.2.1 allowed attackers to infer secrets by performing latency attacks. CVE-2019-11578 Note that Nessus relies on the presence of the...

CVE-2025-1021

Missing authorization vulnerability in synocopy in Synology DiskStation Manager DSM before 7.1.1-42962-8, 7.2.1-69057-7 and 7.2.2-72806-3 allows remote attackers to read arbitrary files via unspecified vectors...

CVE-2025-2161

Pega Platform versions 7.2.1 to Infinity 24.2.1 are affected by an XSS issue with Mashup...

Synology DiskStation Manager 信任管理问题漏洞

Synology DiskStation Manager DSM is an operating system for use on networked storage servers NAS from Synology, a Chinese company. This operating system manages information such as data, files, photos, music, and other information. A trust management issue vulnerability exists in Synology...

Fortinet FortiNDR 跨站请求伪造漏洞

Fortinet FortiNDR is a network detection and response solution from Fortinet, Inc. A cross-site request forgery vulnerability exists in Fortinet FortiNDR, which stems from a cross-site request forgery that could lead to the execution of an unauthorized operation. The following versions are...

CVE-2024-13495

The The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to arbitrary shortcode execution via the gamipressajaxgetlogs function in all versions up to, and including, 7.2.1. This is due to the software allowing users to...

CVE-2024-13499

The The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to arbitrary shortcode execution via gamipressdoshortcode function in all versions up to, and including, 7.2.1. This is due to the software allowing users to...