715 matches found
CVE-2025-36611
Dell Encryption and Dell Security Management Server, versions prior to 11.11.0, contain an Improper Link Resolution Before File Access 'Link Following' Vulnerability. A local malicious user could potentially exploit this vulnerability, leading to privilege escalation...
CVE-2025-36611
Dell Encryption and Dell Security Management Server contain an Improper Link Resolution Before File Access ("Link Following") vulnerability affecting versions prior to 11.11.0. A local attacker could potentially escalate privileges by abusing link resolution behavior. The issue is fixed in versio...
Tenable Patch Management Server < 9.3.968.19 SQLi
The version of Tenable Patch Management Server installed on the remote host is prior to 9.3.968.19. It is, therefore, affected by an SQL injection vulnerability due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to inject or manipulate SQL...
CVE-2025-53082
An 'Arbitrary File Deletion' in Samsung DMS (Data Management Server) allows attackers to delete arbitrary files from unintended locations on the filesystem. Exploitation is restricted to specific, authorized private IP addresses...
CVE-2025-53081
An 'Arbitrary File Creation' in Samsung DMS (Data Management Server) allows attackers to create arbitrary files in unintended locations on the filesystem. Exploitation is restricted to specific, authorized private IP addresses...
CVE-2025-53078
Deserialization of Untrusted Data in Samsung DMS (Data Management Server) allows attackers to execute arbitrary code by writing a file to the system...
CVE-2025-53077
An execution after redirect in Samsung DMS (Data Management Server) allows attackers to execute limited functions without permissions. An attacker could compromise the integrity of the platform by exploiting this vulnerability...
CVE-2025-53079
Absolute Path Traversal in Samsung DMS (Data Management Server) allows an authenticated attacker with Administrator privileges to read sensitive files...
CVE-2025-53080
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' in Samsung DMS (Data Management Server) allows authenticated attackers to create arbitrary files in unintended locations on the filesystem...
PT-2025-31171 · Samsung · Samsung Dms
Name of the Vulnerable Software and Affected Versions: Samsung DMS (Data Management Server), affected versions not specified. Description: An absolute path traversal issue exists in Samsung DMS (Data Management Server). An authenticated attacker with Administrator privileges can read sensitive files...
SAMSUNG DMS Security Vulnerability
SAMSUNG DMS is a data management server from Samsung South Korea. A security vulnerability exists in SAMSUNG DMS that originates from arbitrary file creation and could result in the creation of arbitrary files on the file system...
Tenable Patch Management Server Admin Portal Detection
Binary data tenablepatchmanagementserverwebdetect.nbin...
PT-2025-31398 · Dell · Dell Security Management Server +1
Name of the Vulnerable Software and Affected Versions: Dell Encryption and Dell Security Management Server, versions prior to 11.11.0. Description: Dell Encryption and Dell Security Management Server are affected by an Improper Link Resolution Before File Access 'Link Following' issue. A local...
CVE-2025-6712 MongoDB Server may be susceptible to DoS due to Accumulated Memory Allocation
MongoDB Server may be susceptible to disruption caused by high memory usage, potentially leading to server crash. This condition is linked to inefficiencies in memory management related to internal operations. In scenarios where certain internal processes persist longer than anticipated, memory...
PT-2025-27541 · Hikvision · Hikvision Streaming Media Management Server
Name of the Vulnerable Software and Affected Versions: Hikvision Streaming Media Management Server, version 2.3.5. Description: The issue allows remote attackers to authenticate using default credentials and access restricted functionality. After authentication, an attacker can exploit an arbitrary...
Hikvision Streaming Media Management Server Security Vulnerability
Hikvision Streaming Media Management Server is a media management system from Hikvision China. A security vulnerability exists in Hikvision Streaming Media Management Server version v2.3.5, which stems from default credentials and directory traversal leading to arbitrary file reads...
VulnCheck KEV: CVE-2025-34058
Hikvision Streaming Media Management Server v2.3.5 uses default credentials that allow remote attackers to authenticate and access restricted functionality. After authenticating with these credentials, an attacker can exploit an arbitrary file read vulnerability in the /systemLog/downFile.php...
PT-2025-24597 · Sap · Sap Master Data Management Server
Name of the Vulnerable Software and Affected Versions: SAP Master Data Management Server, affected versions not specified. Description: The issue allows an attacker to gain control of existing client sessions and execute certain functions without having to re-authenticate. This gives the ability to...