Linux Distros Unpatched Vulnerability : CVE-2021-44476
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A sandboxing issue in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows authenticated administrators to read local files on the server...
CGM CLININET Access Control Error Vulnerability (CNVD-2025-19813)
CGM CLININET is a hospital information management system from CGM Germany. CGM CLININET suffers from an Access Control Error vulnerability that originates from improper access control in the serverConfig endpoint, which can be exploited by an attacker to gain unauthorized access to sensitive...
CVE-2025-30048
Technical details are not publicly available in the provided documents. Monitor for updates.
CVE-2025-30048 Unauthenticated access to module configuration endpoint
The "serverConfig" endpoint, which returns the module configuration including credentials, is accessible without authentication...
CVE-2025-41452 Post auth nginx configuration injection in Danfoss AK-SM8xxA Series
Post-authenticated external control of system web interface configuration setting vulnerability in Danfoss AK-SM8xxA Series prior to 4.3.1, which could allow for a denial of service attack induced by improper handling of exceptional conditions...
CVE-2011-10014
GTA San Andreas Multiplayer SA-MP server version 0.3.1.1 is vulnerable to a stack-based buffer overflow triggered by parsing a malformed server.cfg configuration file. The vulnerability allows local attackers to execute arbitrary code when the server binary samp-server.exe processes a crafted ech...
CVE-2011-10014 GTA SA-MP server.cfg Buffer Overflow
GTA San Andreas Multiplayer SA-MP server version 0.3.1.1 is vulnerable to a stack-based buffer overflow triggered by parsing a malformed server.cfg configuration file. The vulnerability allows local attackers to execute arbitrary code when the server binary samp-server.exe processes a crafted ech...
Rockstar Games GTA San Andreas Multiplayer Security Vulnerability
Rockstar Games GTA San Andreas Multiplayer is an online multiplayer game from Rockstar Games, USA. A security vulnerability exists in Rockstar Games GTA San Andreas Multiplayer version 0.3.1.1, which originates from a stack buffer overflow when parsing server.cfg and could lead to the execution o...
PT-2025-33083 · Unknown · Gta San Andreas Multiplayer
Name of the Vulnerable Software and Affected Versions: GTA San Andreas Multiplayer SA-MP version 0.3.1.1 Description: GTA San Andreas Multiplayer SA-MP server version 0.3.1.1 is vulnerable to a stack-based buffer overflow. This occurs when parsing a malformed server.cfg configuration file. The...
CVE-2025-54136 Cursor's Modification of MCP Server Definitions Bypasses Manual Re-approvals
Cursor is a code editor built for programming with AI. In versions 1.2.4 and below, attackers can achieve remote and persistent code execution by modifying an already trusted MCP configuration file inside a shared GitHub repository or editing the file locally on the target's machine. Once a...
CVE-2025-7578
A vulnerability was found in Teledyne FLIR FB-Series O and FLIR FH-Series ID 1.3.2.16. It has been declared as critical. This vulnerability affects the function sendCommand of the file runcmd.sh. The manipulation of the argument cmd leads to command injection. The attack can be initiated remotely...
PT-2025-29428 · Teledyne Flir · Flir Fh-Series Id +1
Name of the Vulnerable Software and Affected Versions: Teledyne FLIR FB-Series O and FLIR FH-Series version 1.3.2.16 Description: A critical issue exists in the sendCommand function of the runcmd.sh file. Manipulation of the cmd argument can lead to command injection. The attack can be initiated...
CVE-2025-34084
An unauthenticated information disclosure vulnerability exists in the WordPress Total Upkeep plugin also known as BoldGrid Backup prior to version 1.14.10. The plugin exposes multiple endpoints that allow unauthenticated users to retrieve detailed server configuration env-info.php and discover...
PT-2025-28830 · WordPress · Wordpress Total Upkeep
Name of the Vulnerable Software and Affected Versions: WordPress Total Upkeep plugin versions prior to 1.14.10 Description: An unauthenticated information disclosure issue exists, allowing unauthenticated users to retrieve detailed server configuration and discover backup metadata. The exposed...
CVE-2025-27452
The configuration of the Apache httpd webserver which serves the MEAC300-FNADE4 web application is partly insecure. There are modules activated that are not required for the operation of the FNADE4 web application. The functionality of some modules poses a risk to the webserver which enable...
The vulnerability of the ServerConfig.PublicKeyCallback() function in the Go programming language library allows a hacker to bypass security restrictions.
The vulnerability of the ServerConfig.PublicKeyCallback function in the Go programming language library is related to deficiencies in the authentication process when handling keys. Exploiting this vulnerability could allow a malicious actor to circumvent security restrictions from a remote locati...
Vantage6 Server JWT secret not cryptographically secure
Impact: The JWT secret key in the vantage6 server is auto-generated unless defined by the user. The auto-generated key is a UUID1, which is not cryptographically secure as it is predictable to some extent. Patches: No. Workarounds: You may define JWT secret key in the server configuration file...
GHSA-M3MQ-F375-5VGH Vantage6 Server JWT secret not cryptographically secure
Impact: The JWT secret key in the vantage6 server is auto-generated unless defined by the user. The auto-generated key is a UUID1, which is not cryptographically secure as it is predictable to some extent. Patches: No. Workarounds: You may define JWT secret key in the server configuration file...