74 matches found
CVE-2025-60965
CVE-2025-60965 affects EndRun Technologies Sonoma D12 Network Time Server (GPS) firmware 6010-0071-000, version 4.00. The vulnerability is OS command injection in the device’s command processing path, enabling potential arbitrary code execution, denial of service, privilege escalation, and inform...
EndRun Technologies Sonoma D12 Network Time Server 安全漏洞
EndRun Technologies Sonoma D12 Network Time Server is a time synchronization device from EndRun Technologies, USA. A security vulnerability exists in EndRun Technologies Sonoma D12 Network Time Server GPS F/W 6010-0071-000 Ver 4.00, which stems from susceptibility to cross-site scripting attacks...
CVE-2025-60961
Cross Site Scripting XSS vulnerability in EndRun Technologies Sonoma D12 Network Time Server GPS F/W 6010-0071-000 Ver 4.00 allows attackers to gain sensitive information, and possibly other unspecified impacts...
CVE-2025-60967
EndRun Technologies Sonoma D12 Network Time Server (GPS) firmware 6010-0076-000 Ver 4.00 is affected by a Cross Site Scripting (XSS) vulnerability (CVE-2025-60967). The issue, as described across multiple sources, enables attackers to obtain sensitive information. The CVSSv3.1 vector is CVSS:3.1/...
CVE-2025-60962
Summary: CVE-2025-60962 describes an OS Command Injection vulnerability in EndRun Technologies’ Sonoma D12 Network Time Server (GPS) firmware version 4.00 (F/W 6010-0071-000). The issue is triggered via OS command injection and could allow a remote attacker to access sensitive information, with a...
PT-2025-40925
Name of the Vulnerable Software and Affected Versions EndRun Technologies Sonoma D12 Network Time Server GPS version 4.00 Description An issue exists in EndRun Technologies Sonoma D12 Network Time Server GPS that allows attackers to gain sensitive information through OS Command Injection. The...
PT-2025-40932
Name of the Vulnerable Software and Affected Versions EndRun Technologies Sonoma D12 Network Time Server GPS version 4.00 Description A Cross Site Scripting XSS issue exists in EndRun Technologies Sonoma D12 Network Time Server GPS. This flaw could allow attackers to obtain sensitive information...
CVE-2025-60957
The CVE-2025-60957 entry concerns EndRun Technologies Sonoma D12 Network Time Server (GPS) firmware 4.00 on hardware/version 6010-0071-000. The vulnerability is an OS Command Injection in the router’s OS, enabling an unauthenticated or remote attacker to potentially execute arbitrary code, cause ...
Microchip Technology (Microsemi) SyncServer S650 命令注入漏洞
Microchip Technology SyncServer Microsemi SyncServer is a series of network time servers from Microchip Technology USA. A security vulnerability exists in Microchip Technology Microsemi SyncServer S650. An attacker could exploit this vulnerability to perform a command injection attack...
Multiple Microsemi Product Path Traversal Vulnerabilities
Microsemi Symmetricom SyncServer S100 and others are a network time server from Microsemi, USA. A path traversal vulnerability exists in multiple Microsemi products. The vulnerability stems from a failure of a networked system or product to properly filter special elements in a resource or file...
Multiple Microsemi Product Path Traversal Vulnerabilities (CNVD-2020-29569)
Microsemi Symmetricom SyncServer S100 and others are a network time server from Microsemi, USA. A path traversal vulnerability exists in multiple Symmetricom products. The vulnerability stems from a failure of a networked system or product to properly filter special elements in a resource or file...
Multiple Microsemi Products Input Validation Error Vulnerability
Microsemi Symmetricom SyncServer S100 and others are a network time server from Microsemi, USA. A security vulnerability exists in several Symmetricom products that stems from the program's failure to properly handle authentication of callbacks. An attacker could exploit the vulnerability to...
Multiple Microsemi Product Path Traversal Vulnerabilities (CNVD-2020-29591)
Microsemi Symmetricom SyncServer S100 and others are a network time server from Microsemi, USA. A path traversal vulnerability exists in multiple Microsemi products. The vulnerability stems from a failure of a networked system or product to properly filter special elements in a resource or file...
Vulnerabilities in the Debian GNU/Linux operating system that allow a local malicious individual to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the ntp-server package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited by local malicious individuals...