4200 matches found
Siemens TeleControl Server Basic SQL注入漏洞
Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method GetProjects, which can be exploited by an attacker to bypass...
Veritas Data Insight 安全漏洞
Veritas Data Insight is a solution from Veritas that classifies, contextualizes, and controls unstructured data. A security vulnerability exists in Veritas Data Insight versions prior to 7.1.2 that stems from the possibility of sending plaintext credentials when configured to use HTTP basic...
Siemens TeleControl Server Basic SQL注入漏洞
Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the UnlockWebServerGatewaySettings method, which can be exploited by an attacker to cause...
Siemens TeleControl Server Basic SQL注入漏洞
Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an SQL injection in the GetLogs method, which can be exploited by an attacker to bypass authorization contro...
Siemens TeleControl Server Basic SQL注入漏洞
Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from an internal method, UnlockOpcSettings, which can be exploited by an attacker to bypass authorization controls...
Siemens TeleControl Server Basic SQL注入漏洞
Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an internal method UpdateProjectUserRights, which can be exploited by an attacker to bypass authorization...
PT-2025-16826 · Unknown · Telecontrol Server Basic
Name of the Vulnerable Software and Affected Versions: TeleControl Server Basic versions prior to 3.1.2.2 Description: The issue allows an authenticated remote attacker to bypass authorization controls, read from and write to the application's database, and execute code with "NT...
Siemens TeleControl Server Basic SQL注入漏洞
Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an SQL injection in the MigrateDatabase method, which can be exploited by an attacker to bypass authorizatio...
Siemens TeleControl Server Basic SQL注入漏洞
Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an SQL injection in the LockTraceLevelSettings method, which can be exploited by an attacker to bypass...
Siemens TeleControl Server Basic SQL注入漏洞
Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that stems from the lack of proper filtering of input in the internally used 'DeleteProject' method. An attacker could exploit th...
Siemens TeleControl Server Basic SQL注入漏洞
Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that stems from the internally used 'UnlockProject' method. An attacker could exploit the vulnerability to cause bypass of...
Siemens TeleControl Server Basic SQL注入漏洞
Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that can be exploited by an attacker to cause remote code execution...
CVE-2025-43704
Arctera/Veritas Data Insight before 7.1.2 can send cleartext credentials when configured to use HTTP Basic Authentication to a Dell Isilon OneFS server...
Siemens TeleControl Server Basic SQL注入漏洞
Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an internal method, UnlockProject, which can be exploited by an attacker to bypass authorization controls an...
PT-2025-16847 · Unknown · Telecontrol Server Basic
Name of the Vulnerable Software and Affected Versions: TeleControl Server Basic versions prior to 3.1.2.2 Description: The issue allows an authenticated remote attacker to bypass authorization controls, read from and write to the application's database, and execute code with "NT...
The vulnerability of the BIOS microprogramming system in Dell laptops allows a hacker to execute arbitrary code.
The vulnerability of the BIOS microprogramming system in Dell laptops is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
CVE-2025-32230
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Themeum Tutor LMS tutor.This issue affects Tutor LMS: from n/a through = 3.4.0...
(Pwn2Own) Lexmark CX331adwe basic_auth.cgi PATH_TRANSLATED Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark CX331adwe printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the PATHTRANSLATED parameter provided to the...
CERT-UA Reports Cyberattacks Targeting Ukrainian State Systems with WRECKSTEEL Malware
The Computer Emergency Response Team of Ukraine CERT-UA has revealed that no less than three cyber attacks were recorded against state administration bodies and critical infrastructure facilities in the country with an aim to steal sensitive data. The campaign, the agency said, involved the use o...
Stream HTTP wrapper header check might omit basic auth header
...