61935 matches found
CVE-2025-15653
Dräger Zeus Infinity Empowered Zeus IE and Zeus RS C500 anesthesia workstations contain a local security vulnerability that allows unauthorized individuals with physical access to compromise software integrity via USB interface manipulation. Attackers can exploit the unprotected USB interfaces to...
CVE-2026-5509
An authenticated command injection vulnerability exists in the Archer BE450 v1 and BE7200 v1 router that allows an administrator to execute arbitrary system commands through the web management interface. After successfully authenticating to the admin interface, an attacker can leverage the...
CVE-2025-15653 Dräger Zeus IE Anesthesia Workstation USB Interface Privilege Escalation
Dräger Zeus Infinity Empowered Zeus IE and Zeus RS C500 anesthesia workstations contain a local security vulnerability that allows unauthorized individuals with physical access to compromise software integrity via USB interface manipulation. Attackers can exploit the unprotected USB interfaces to...
CVE-2025-15653
The affected products are Dräger Zeus Infinity Empowered (Zeus IE) and Zeus RS C500 anesthesia workstations. The vulnerability is a local privilege escalation via unprotected USB interfaces that attackers with physical access can exploit to compromise software integrity. Reported impact includes ...
CVE-2025-15653 Dräger Zeus IE Anesthesia Workstation USB Interface Privilege Escalation
Dräger Zeus Infinity Empowered Zeus IE and Zeus RS C500 anesthesia workstations contain a local security vulnerability that allows unauthorized individuals with physical access to compromise software integrity via USB interface manipulation. Attackers can exploit the unprotected USB interfaces to...
CVE-2026-49443 authentik: `UserSourceConnection.user` and `GroupSourceConnection.group` are changeable through the API
authentik is an open-source identity provider. Prior to versions 2025.12.6, 2026.2.4, and 2026.5.1, an attacker with the ability to change a source connection, and an account in one of the configured sources can log into any account. This issue has been patched in versions 2025.12.6, 2026.2.4, an...
CVE-2021-4479
Dräger Atlan A350 software versions 1.00 through 1.01 contains an improper input handling vulnerability that allows attackers to cause a denial of service by sending specifically crafted non-Medibus-compliant data through the Medibus interface. Attackers can transmit malformed data to overload th...
CVE-2019-25723
Dräger Perseus A500 software versions 2.00 through 2.02 contains an improper input handling vulnerability that allows external attackers to cause a denial of service by sending specifically crafted non-Medibus-compliant data through the Medibus interface. Attackers can overload the internal...
CVE-2021-4479
Dräger Atlan A350 vulnerable software versions 1.00–1.01 due to improper input handling in the Medibus interface. An attacker can send crafted non‑Medibus‑compliant data to trigger a denial of service by overloading the internal processor, potentially causing device operation disruption over seve...
CVE-2021-4479 Dräger Atlan A350 1.00-1.01 DoS via Medibus Interface
Dräger Atlan A350 software versions 1.00 through 1.01 contains an improper input handling vulnerability that allows attackers to cause a denial of service by sending specifically crafted non-Medibus-compliant data through the Medibus interface. Attackers can transmit malformed data to overload th...
CVE-2021-4479
Dräger Atlan A350 software versions 1.00 through 1.01 contains an improper input handling vulnerability that allows attackers to cause a denial of service by sending specifically crafted non-Medibus-compliant data through the Medibus interface. Attackers can transmit malformed data to overload th...
CVE-2021-4479 Dräger Atlan A350 1.00-1.01 DoS via Medibus Interface
Dräger Atlan A350 software versions 1.00 through 1.01 contains an improper input handling vulnerability that allows attackers to cause a denial of service by sending specifically crafted non-Medibus-compliant data through the Medibus interface. Attackers can transmit malformed data to overload th...
EUVD-2021-34845
Dräger Atlan A350 software versions 1.00 through 1.01 contains an improper input handling vulnerability that allows attackers to cause a denial of service by sending specifically crafted non-Medibus-compliant data through the Medibus interface. Attackers can transmit malformed data to overload th...
CVE-2026-35202
Summary of vulnerability (CVE-2026-35202) : Pterodactyl Panel’s Client API suffers a race-condition in the database resource limiter. The code path in DatabaseController.php attempts to lock database allocations with lockForUpdate(), but the Laravel call is a no-op (no terminal operation is sent)...
EUVD-2026-34010
Pterodactyl is a free, open-source game server management panel. Prior to version 1.12.3, the Pterodactyl Client API has a logic flaw that lets users bypass their assigned limits for database allocations. This happens because the database locking mechanism used in the controllers is totally broke...
EUVD-2019-20159
Dräger Perseus A500 software versions 2.00 through 2.02 contains an improper input handling vulnerability that allows external attackers to cause a denial of service by sending specifically crafted non-Medibus-compliant data through the Medibus interface. Attackers can overload the internal...
CVE-2019-25723 Dräger Perseus A500 2.00-2.02 DoS via Medibus Interface
Dräger Perseus A500 software versions 2.00 through 2.02 contains an improper input handling vulnerability that allows external attackers to cause a denial of service by sending specifically crafted non-Medibus-compliant data through the Medibus interface. Attackers can overload the internal...
CVE-2019-25723 Dräger Perseus A500 2.00-2.02 DoS via Medibus Interface
Dräger Perseus A500 software versions 2.00 through 2.02 contains an improper input handling vulnerability that allows external attackers to cause a denial of service by sending specifically crafted non-Medibus-compliant data through the Medibus interface. Attackers can overload the internal...
CVE-2019-25723
CVE-2019-25723 describes an improper input handling vulnerability in Dräger Perseus A500 software 2.00–2.02 . An external attacker can cause a DoS by sending specially crafted, non-Medibus‑compliant data through the Medibus interface , flooding the internal processor and triggering a warm restart...
CVE-2026-38978
transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths...