CVE-2026-23596

A vulnerability in the management API of the affected product could allow an unauthenticated remote attacker to trigger service restarts. Successful exploitation could allow an attacker to disrupt services and negatively impact system availability...

PT-2025-53366

Name of the Vulnerable Software and Affected Versions Microhard Systems IPn4G version 1.1.0 Description An issue exists in Microhard Systems IPn4G that allows authenticated attackers to list and manipulate running system processes. Attackers can send arbitrary signals to kill background processes...

CVE-2025-42878

SAP Web Dispatcher and ICM may expose internal testing interfaces that are not intended for production. If enabled, unauthenticated attackers could exploit them to access diagnostics, send crafted requests, or disrupt services. This vulnerability has a high impact on confidentiality, availability...

CVE-2025-59461 API does not require authentication

A remote unauthenticated attacker may use the unauthenticated C++ API to access or modify sensitive data and disrupt services...

EUVD-2022-38114

Malicious code in bioql PyPI...

EUVD-2022-26906

Malicious code in bioql PyPI...

NVIDIA Triton Inference Server 安全漏洞

NVIDIA Triton Inference Server is an open source software from NVIDIA that helps standardize model deployment and deliver fast and scalable AI in production. NVIDIA Triton Inference Server has a denial of service vulnerability that can be exploited by an attacker to cause a denial of service...

CVE-2024-5210

A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to prevent printer services from being reachable until the system is rebooted...

CVE-2023-0017

An unauthenticated attacker in SAP NetWeaver AS for Java - version 7.50, due to improper access control, can attach to an open interface and make use of an open naming and directory API to access services which can be used to perform unauthorized operations affecting users and data on the current...

CVE-2023-23857

Due to missing authentication check, SAP NetWeaver AS for Java - version 7.50, allows an unauthenticated attacker to attach to an open interface and make use of an open naming and directory API to access services which can be used to perform unauthorized operations affecting users and services...

CVE-2024-45806

CVE-2024-45806 affects Envoy, a cloud-native edge proxy. The vulnerability stems from Envoy’s default handling of internal RFC1918 addresses, which are trusted even if internal_address_config is empty. An external client could exploit this to manipulate headers (e.g., x-envoy headers), potentiall...

Design/Logic Flaw

Dell Platform BIOS contains an Improper Null Termination vulnerability. A high privilege user with network access to the system could potentially send malicious data to the device in order to cause some services to cease to function...

Multisuns EasyLog web+ Security Vulnerability

Multisuns EasyLog web+ is an unattended multi-loop digital telephone recording system from Multisuns. A security vulnerability exists in Multisuns EasyLog web+ v1.13.2.8, which can be exploited by remote attackers to break into the code and gain access to the system in order to perform arbitrary...

CVE-2023-42669

A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in...

The vulnerability in the Firefox web browser, related to writing beyond the buffer, allows attackers to access confidential data, compromise its integrity, and cause service interruptions.

The vulnerability in the Firefox web browser is related to writing beyond the buffer limit. Exploiting this vulnerability can allow a remote attacker to access confidential data, compromise its integrity, and cause service interruptions...

CVE-2023-38033

ASUS RT-AC86U unused Traffic Analyzer legacy Statistic function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services...

The vulnerability of the Google Chrome browser’s extension can compromise their integrity and also lead to service failures.

The vulnerability of the Google Chrome browser extension is related to the overflow of the heap buffer and the installation of malicious extensions. Exploiting this vulnerability can allow a remote attacker to access confidential data, compromise its integrity, and cause service interruptions...

CVE-2023-28700 ITPison OMICARD EDM - Arbitrary File Upload

OMICARD EDM backend system’s file uploading function does not restrict upload of file with dangerous type. A local area network attacker with administrator privileges can exploit this vulnerability to upload and run arbitrary executable files to perform arbitrary system commands or disrupt servic...

ASUS RT-AC86U 缓冲区错误漏洞

The ASUS RT-AC86U is a dual-band Wi-Fi router from the Chinese company ASUS. The ASUS RT-AC86U suffers from a buffer overflow vulnerability that originates from a boundary error when handling untrusted input, which can be exploited by a remote attacker with administrator privileges to execute...

aEnrich a+HRD 代码问题漏洞

aEnrich a+HRD is a full-service human resources development solution from Acer China aEnrich. A code issue vulnerability exists in aEnrich Technology a+HRD, which stems from a deserialization vulnerability in the presence of untrusted data. An unauthenticated, remote attacker could use this...