522 matches found
CVE-2026-37541
Buffer overflow vulnerability in Open Vehicle Monitoring System 3 OVMS3 3.3.005. In canformatgvret.cpp, the length field in GVRET binary data is not properly validated, allowing remote attackers to cause a denial of service or possibly execute arbitrary code via crafted GVRET frames...
CVE-2026-40179
Prometheus is an open-source monitoring system and time series database. Versions 3.0 through 3.5.1 and 3.6.0 through 3.11.1 have stored cross-site scripting vulnerabilities in multiple components of the Prometheus web UI where metric names and label values are injected into innerHTML without...
[SECURITY] Fedora 43 Update: prometheus-3.10.0-1.fc43
The Prometheus monitoring system and time series database...
Copeland XWEB PRO 操作系统命令注入漏洞
Copeland XWEB PRO is an advanced commercial and industrial refrigeration monitoring and management system developed by the American company Copeland. Versions of Copeland XWEB Pro prior to 1.12.1 contained a vulnerability related to operating system command injection. This vulnerability arises fr...
CVE-2026-3046
A security vulnerability has been detected in itsourcecode E-Logbook with Health Monitoring System for COVID-19 1.0. This vulnerability affects unknown code of the file /checkprofileold.php. The manipulation of the argument profileid leads to sql injection. Remote exploitation of the attack is...
CVE-2026-3046
A security vulnerability has been detected in itsourcecode E-Logbook with Health Monitoring System for COVID-19 1.0. This vulnerability affects unknown code of the file /checkprofileold.php. The manipulation of the argument profileid leads to sql injection. Remote exploitation of the attack is...
EUVD-2026-7458
A security vulnerability has been detected in itsourcecode E-Logbook with Health Monitoring System for COVID-19 1.0. This vulnerability affects unknown code of the file /checkprofileold.php. The manipulation of the argument profileid leads to sql injection. Remote exploitation of the attack is...
CVE-2026-3046 itsourcecode E-Logbook with Health Monitoring System for COVID-19 check_profile_old.php sql injection
A security vulnerability has been detected in itsourcecode E-Logbook with Health Monitoring System for COVID-19 1.0. This vulnerability affects unknown code of the file /checkprofileold.php. The manipulation of the argument profileid leads to sql injection. Remote exploitation of the attack is...
CVE-2026-2620
A weakness has been identified in Huace Monitoring and Early Warning System 2.2. Affected by this issue is some unknown functionality of the file /Web/SysManage/ProjectRole.aspx. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. T...
CVE-2026-2620 Huace Monitoring and Early Warning System ProjectRole.aspx sql injection
A weakness has been identified in Huace Monitoring and Early Warning System 2.2. Affected by this issue is some unknown functionality of the file /Web/SysManage/ProjectRole.aspx. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. T...
CVE-2026-2620
Huace Monitoring and Early Warning System version 2.2 is affected by a SQL injection in the web application path /Web/SysManage/ProjectRole.aspx when the ID parameter is manipulated. The vulnerability is exploitable remotely, with public exploits available, and the vendor has not responded to dis...
PT-2026-20337
Name of the Vulnerable Software and Affected Versions Huace Monitoring and Early Warning System version 2.2 Description A weakness exists in Huace Monitoring and Early Warning System 2.2, specifically within an unknown functionality of the /Web/SysManage/ProjectRole.aspx file. Manipulating the ID...
CVE-2026-24413
Icinga 2 is an open source monitoring system. Starting in version 2.3.0 and prior to versions 2.13.14, 2.14.8, and 2.15.2, the Icinga 2 MSI did not set appropriate permissions for the %ProgramData%\icinga2\var folder on Windows. This resulted in the its contents - including the private key of the...
Ax-Solutions Visual Tools Dvr Vx16 security vulnerabilities
Ax-Solutions Visual Tools Dvr Vx16 is a video monitoring system developed by the American company Ax-Solutions. It is used for image analysis. The version 4.2.28 of Ax-Solutions Visual Tools Dvr Vx16 contains a security vulnerability, which stems from improper configuration of the sudo command...
CVE-2025-59379
DwyerOmega Isensix Advanced Remote Monitoring System ARMS 1.5.7 allows an attacker to retrieve sensitive information from the underlying SQL database via Blind SQL Injection through the user parameter in the login page. This allows an attacker to steal credentials, which may be cleartext, from...
CVE-2024-2065
A vulnerability was found in SourceCodester Barangay Population Monitoring System up to 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /endpoint/update-resident.php. The manipulation of the argument fullname leads to cross site scripting. The...
PT-2026-1459
Name of the Vulnerable Software and Affected Versions DwyerOmega Isensix Advanced Remote Monitoring System ARMS version 1.5.7 Description The software allows an attacker to retrieve sensitive information from the underlying SQL database via Blind SQL Injection through the user parameter in the...
Project Monitoring System useredit.php File SQL Injection Vulnerability
Project Monitoring System is a project monitoring system. Project Monitoring System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter uid in the file /useredit.php. An attacker can exploit this vulnerabilit...
CVE-2025-11585
A vulnerability was found in code-projects Project Monitoring System 1.0. The impacted element is an unknown function of the file /useredit.php. The manipulation of the argument uid results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...
CVE-2025-11585
A vulnerability was found in code-projects Project Monitoring System 1.0. The impacted element is an unknown function of the file /useredit.php. The manipulation of the argument uid results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...