PT-2026-22126

Name of the Vulnerable Software and Affected Versions PcVue versions 12.0.0 through 16.3.3 Description The default configuration of IIS and ASP.net adds HTTP headers that are not removed during the deployment of webservices used by the WebVue, WebScheduler, TouchVue, and SnapVue features. This...

Wings 安全漏洞

Wings is the server control interface for Pterodactyl Panel. Versions of Wings prior to 1.12.1 contained security vulnerabilities. These vulnerabilities stemmed from the lack of authorization checks in multiple controllers, which could allow node token holders to access information about any serv...

EUVD-2025-201915

A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0.1. The affected devices exposes server information in its responses. This could allow an attacker with network access to gain useful information, increasing the likelihood of targeted attacks...

CVE-2025-40941

A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0.1. The affected devices exposes server information in its responses. This could allow an attacker with network access to gain useful information, increasing the likelihood of targeted attacks...

CVE-2025-40941

A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0.1. The affected devices exposes server information in its responses. This could allow an attacker with network access to gain useful information, increasing the likelihood of targeted attacks...

CVE-2025-40941

A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0.1. The affected devices exposes server information in its responses. This could allow an attacker with network access to gain useful information, increasing the likelihood of targeted attacks...

CVE-2025-40941

A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0.1. The affected devices exposes server information in its responses. This could allow an attacker with network access to gain useful information, increasing the likelihood of targeted attacks...

CVE-2025-40941

SIMATIC CN 4100 (all versions

CVE-2025-9804 Improper Access Control in Multiple WSO2 Products via Internal SOAP Admin Services and System REST APIs

An improper access control vulnerability exists in multiple WSO2 products due to insufficient permission enforcement in certain internal SOAP Admin Services and System REST APIs. A low-privileged user may exploit this flaw to perform unauthorized operations, including accessing server-level...

EUVD-2021-1336

Malware in sbrugna...

PT-2025-35101

Name of the Vulnerable Software and Affected Versions: Meitrack T366G-L GPS Tracker devices affected versions not specified Description: The SPI flash chip Winbond 25Q64JVSIQ in Meitrack T366G-L GPS Tracker devices is accessible without authentication or tamper protection. An attacker with physic...

CVE-2025-53505

Group-Office versions prior to 6.8.119 and prior to 25.0.20 provided by Intermesh BV contain a path traversal vulnerability. If this vulnerability is exploited, information on the server hosting the product may be exposed...

Group Office 路径遍历漏洞

Group Office is a modular office suite from the Dutch company Group Office. A path traversal vulnerability exists in Group Office versions prior to 6.8.119 and prior to 25.0.20, which stems from a path traversal attack that could lead to the exposure of server information...

VulnCheck KEV: CVE-2024-32870

Combodo iTop is a simple, web based IT Service Management tool. Server, OS, DBMS, PHP, and iTop info name, version and parameters can be read by anyone having access to iTop URI. This issue has been patched in versions 2.7.11, 3.0.5, 3.1.2, and 3.2.0. Users are advised to upgrade. There are...

CVE-2024-37162

zsa is a library for building typesafe server actions in Next.js. All users are impacted. The zsa application transfers the parse error stack from the server to the client in production build mode. This can potentially reveal sensitive information about the server environment, such as the machine...

CVE-2020-27622

In JetBrains IntelliJ IDEA before 2020.2, the built-in web server could expose information about the IDE version...

VulnCheck KEV: CVE-2021-20617

Improper access control vulnerability in acmailer ver. 4.0.1 and earlier, and acmailer DB ver. 1.1.3 and earlier allows remote attackers to execute an arbitrary OS command, or gain an administrative privilege which may result in obtaining the sensitive information on the server via unspecified...

Trend Micro Apex One 加密问题漏洞

Trend Micro Apex One is an endpoint protection software from Trend Micro. A security vulnerability exists in the Trend Micro Apex One 2021 On-prem SaaS version, which stems from the fact that if certain traffic data is intercepted and decoded, some information related to the server may be obtaine...

CVE-2022-23982

The vulnerability discovered in WordPress Perfect Brands for WooCommerce plugin versions = 2.0.4 allows server information exposure...

CVE-2022-23982

The vulnerability discovered in WordPress Perfect Brands for WooCommerce plugin versions = 2.0.4 allows server information exposure...