19139 matches found
CVE-2025-64120
CVE-2025-64120 affects the Nuvation Energy Multi-Stack Controller (MSC). The vulnerability is caused by improper neutralization of special elements in OS command handling, enabling an OS command injection. Affected versions are MSC 2.3.8 up to, but not including, 2.5.1 (i.e., 2.3.8–2.5.0). Impact...
CVE-2025-64120 Nuvation Energy Multi-Stack Controller OS Command Injection
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Nuvation Energy Multi-Stack Controller MSC allows OS Command Injection.This issue affects Multi-Stack Controller MSC: from 2.3.8 before 2.5.1...
CVE-2025-64120 Nuvation Energy Multi-Stack Controller OS Command Injection
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Nuvation Energy Multi-Stack Controller MSC allows OS Command Injection.This issue affects Multi-Stack Controller MSC: from 2.3.8 before 2.5.1...
CVE-2025-15432
A vulnerability has been found in yeqifu carRental up to 3fabb7eae93d209426638863980301d6f99866b3. This vulnerability affects the function downloadShowFile of the file /file/downloadShowFile.action of the component com.yeqifu.sys.controller.FileController. The manipulation of the argument path...
CVE-2025-15432
A vulnerability has been found in yeqifu carRental up to 3fabb7eae93d209426638863980301d6f99866b3. This vulnerability affects the function downloadShowFile of the file /file/downloadShowFile.action of the component com.yeqifu.sys.controller.FileController. The manipulation of the argument path...
CVE-2025-15432 yeqifu carRental com.yeqifu.sys.controller.FileController downloadShowFile.action downloadShowFile path traversal
A vulnerability has been found in yeqifu carRental up to 3fabb7eae93d209426638863980301d6f99866b3. This vulnerability affects the function downloadShowFile of the file /file/downloadShowFile.action of the component com.yeqifu.sys.controller.FileController. The manipulation of the argument path...
CVE-2025-15432 yeqifu carRental com.yeqifu.sys.controller.FileController downloadShowFile.action downloadShowFile path traversal
A vulnerability has been found in yeqifu carRental up to 3fabb7eae93d209426638863980301d6f99866b3. This vulnerability affects the function downloadShowFile of the file /file/downloadShowFile.action of the component com.yeqifu.sys.controller.FileController. The manipulation of the argument path...
CVE-2025-15432
The CVE-2025-15432 issue affects yeqifu carRental, specifically the function downloadShowFile in /file/downloadShowFile.action of the com.yeqifu.sys.controller.FileController. The root cause is path traversal caused by manipulation of the path argument, allowing remote exploitation. Several sourc...
[SECURITY] Fedora 42 Update: direwolf-1.8.1-1.fc42
Dire Wolf is a modern software replacement for the old 1980's style TNC built with special hardware. Without any additional software, it can perform as an APRS GPS Tracker, Digipeater, Internet Gateway IGate, APRStt gateway. It can also be used as a virtual TNC for other applications such as...
[SECURITY] Fedora 43 Update: direwolf-1.8.1-1.fc43
Dire Wolf is a modern software replacement for the old 1980's style TNC built with special hardware. Without any additional software, it can perform as an APRS GPS Tracker, Digipeater, Internet Gateway IGate, APRStt gateway. It can also be used as a virtual TNC for other applications such as...
PT-2026-1138
Name of the Vulnerable Software and Affected Versions Nuvation Energy Multi-Stack Controller MSC versions through 2.5.1 Nuvation Energy nCloud VPN Service affected versions not specified Description An issue involving Network Boundary Bridging exists in Nuvation Energy nCloud VPN Service and...
Nuvation Energy Multi-Stack Controller 安全漏洞
The Nuvation Energy Multi-Stack Controller is a control unit in a battery management system from Nuvation Energy, Inc. A security vulnerability exists in Nuvation Energy Multi-Stack Controller version 2.5.1 and earlier, which stems from the presence of an unintended proxy or intermediary that cou...
PT-2026-1136
Name of the Vulnerable Software and Affected Versions Nuvation Energy Multi-Stack Controller MSC versions 2.3.8 through 2.5.0 Description An authentication bypass issue exists in Nuvation Energy Multi-Stack Controller MSC. This allows unauthenticated attackers to gain full control. The issue...
PT-2026-1137
Name of the Vulnerable Software and Affected Versions Nuvation Energy Multi-Stack Controller MSC versions through 2.5.1 Description A weakness exists in the Nuvation Energy Multi-Stack Controller MSC that allows Signature Spoofing by Key Theft due to insufficiently protected credentials. This cou...
Nuvation Energy Multi-Stack Controller 安全漏洞
The Nuvation Energy Multi-Stack Controller is a control unit in a battery management system from Nuvation Energy, Inc. A security vulnerability exists in Nuvation Energy Multi-Stack Controller versions 2.3.8 through prior to 2.5.1, which stems from the use of an alternate path or channel to bypas...
PT-2026-1135
Name of the Vulnerable Software and Affected Versions Nuvation Energy Multi-Stack Controller versions 2.3.8 through 2.5.0 Description A flaw exists in Nuvation Energy Multi-Stack Controller that allows for OS Command Injection. This issue could allow an attacker to execute arbitrary commands on t...
Nuvation Energy Multi-Stack Controller 安全漏洞
The Nuvation Energy Multi-Stack Controller is a control unit in a battery management system from Nuvation Energy, Inc. A security vulnerability exists in Nuvation Energy Multi-Stack Controller MSC versions 2.3.8 through prior to 2.5.1, which stems from improper neutralization of a special element...
Nuvation Energy Multi-Stack Controller 安全漏洞
The Nuvation Energy Multi-Stack Controller is a control unit in a battery management system from Nuvation Energy, Inc. A security vulnerability exists in Nuvation Energy Multi-Stack Controller version 2.5.1 and prior versions, which stems from insufficient credential protection and could lead to...
CVE-2025-15360
A vulnerability was determined in newbee-mall-plus 2.0.0. This impacts the function Upload of the file src/main/java/ltd/newbee/mall/controller/common/UploadController.java of the component Product Information Edit Page. This manipulation of the argument File causes unrestricted upload. The attac...
Exposure of Data Element to Wrong Session
Overview skypilot is a SkyPilot: Run AI on Any Infra — Unified, Faster, Cheaper. Affected versions of this package are vulnerable to Exposure of Data Element to Wrong Session in the form of allowing users to see the pending jobs belonging to other users, under some conditions, and leaking keys in...