CVE-2025-30030

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'ImportDatabase' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and...

CVE-2025-32854

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'LockOpcSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and...

CVE-2025-32843

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'LockUser' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write ...

CVE-2025-32870

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'GetTraces' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write...

CVE-2025-32840

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'LockGateway' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and wri...

CVE-2025-32855

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UnlockOpcSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from a...

CVE-2025-32864

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'GetSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and wri...

CVE-2025-32831

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateProjectUserRights' method. This could allow an authenticated remote attacker to bypass authorization controls, to read...

CVE-2025-31351

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'CreateProject' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and...

CVE-2025-30031

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateUsers' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and wri...

CVE-2025-32849

TeleControl Server Basic (All versions

CVE-2025-32848

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'LockSmtpSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from an...

CVE-2025-32847

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UnlockGeneralSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read fr...

CVE-2025-32838

The affected software is Siemens TeleControl Server Basic (versions before 3.1.2.2). The vulnerability is an SQL injection in the internal ImportConnectionVariables method that could allow an authenticated remote attacker to bypass authorization, read from and write to the database, and execute c...

CVE-2025-32838

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'ImportConnectionVariables' method. This could allow an authenticated remote attacker to bypass authorization controls, to rea...

CVE-2025-31343

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateTcmSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from a...

CVE-2023-7043 Unquoted path privilege vulnerability in ESET products for Windows

Unquoted service path in ESET products allows to drop a prepared program to a specific location and run on boot with the NT AUTHORITY\NetworkService permissions...

CVE-2023-7043

CVE-2023-7043 describes an unquoted service path vulnerability in ESET Windows products, enabling a dropped program to be placed in a location and launched at boot with NT AUTHORITY\NetworkService permissions. The available documents confirm the affected products are ESET Endpoint Security/Endpoi...