320 matches found
CVE-2026-25751
FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. An information disclosure vulnerability in FUXA allows an unauthenticated, remote attacker to retrieve sensitive administrative database credentials. Exploitation allows an unauthenticated, remote attacker to obtain the full...
CVE-2026-25751
CVE-2026-25751 affects FUXA up to version 1.2.9 and is a information-disclosure flaw that exposes sensitive administrative credentials for InfluxDB, enabling an attacker to obtain the full system configuration and potentially authenticate to the database to read/modify/delete data or cause DoS. T...
CVE-2026-25751 FUXA Unauthenticated Exposure of Plaintext Database Credentials
FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. An information disclosure vulnerability in FUXA allows an unauthenticated, remote attacker to retrieve sensitive administrative database credentials. Exploitation allows an unauthenticated, remote attacker to obtain the full...
CVE-2026-25751 FUXA Unauthenticated Exposure of Plaintext Database Credentials
FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. An information disclosure vulnerability in FUXA allows an unauthenticated, remote attacker to retrieve sensitive administrative database credentials. Exploitation allows an unauthenticated, remote attacker to obtain the full...
AZL-76988 CVE-2025-58190 affecting package influxdb 2.7.5-10
The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...
AZL-76992 CVE-2025-47911 affecting package influxdb 2.7.5-10
The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...
AZL-76893 CVE-2025-47911 affecting package influxdb for versions less than 2.6.1-30
The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...
FUXA Unauthenticated Exposure of Plaintext Database Credentials
Description An information disclosure vulnerability in FUXA allows an unauthenticated, remote attacker to retrieve sensitive administrative database credentials. This affects FUXA through version 1.2.9. This issue has been patched in FUXA version 1.2.10. Impact This affects all deployments,...
PT-2026-6661
Name of the Vulnerable Software and Affected Versions FUXA versions through 1.2.9 Description An information disclosure issue in FUXA allows a remote, unauthenticated attacker to obtain sensitive administrative database credentials. Exploitation allows an attacker to access the full system...
AZL-75428 CVE-2025-11065 affecting package influxdb 2.7.5-10
A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...
AZL-75479 CVE-2025-11065 affecting package influxdb for versions less than 2.6.1-30
A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...
Azure Linux 3.0 Security Update: influxdb (CVE-2019-0205)
The version of influxdb installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2019-0205 advisory. - In Apache Thrift all versions up to and including 0.12.0, a server or client May run into an endless loop...
CVE-2025-10543 affecting package influxdb for versions less than 2.7.5-10
CVE-2025-10543 affecting package influxdb for versions less than 2.7.5-10. A patched version of the package is available...
CVE-2025-65637 affecting package influxdb for versions less than 2.6.1-25
CVE-2025-65637 affecting package influxdb for versions less than 2.6.1-25. A patched version of the package is available...
CVE-2025-10543 affecting package influxdb for versions less than 2.6.1-27
CVE-2025-10543 affecting package influxdb for versions less than 2.6.1-27. A patched version of the package is available...
CVE-2025-65637 affecting package influxdb for versions less than 2.7.5-9
CVE-2025-65637 affecting package influxdb for versions less than 2.7.5-9. A patched version of the package is available...
AZL-71602 CVE-2025-65637 affecting package influxdb for versions less than 2.6.1-28
A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer to log a single-line payload larger than 64KB without newline characters. Due to limitations in the internal bufio.Scanner, the read fails with "token too long" and the writer pipe is closed, leaving...
AZL-71299 CVE-2025-10543 affecting package influxdb for versions less than 2.6.1-27
In Eclipse Paho Go MQTT v3.1 library paho.mqtt.golang versions =1.5.0 UTF-8 encoded strings, passed into the library, may be incorrectly encoded if their length exceeds 65535 bytes. This may lead to unexpected content in packets sent to the server for example, part of an MQTT topic may leak into...
AZL-71311 CVE-2025-10543 affecting package influxdb for versions less than 2.7.5-10
In Eclipse Paho Go MQTT v3.1 library paho.mqtt.golang versions =1.5.0 UTF-8 encoded strings, passed into the library, may be incorrectly encoded if their length exceeds 65535 bytes. This may lead to unexpected content in packets sent to the server for example, part of an MQTT topic may leak into...
EUVD-2022-5501
Malicious code in bioql PyPI...