PT-2025-53360

FLIR thermal traffic cameras contain an unauthenticated device manipulation vulnerability in their WebSocket implementation that allows attackers to bypass authentication and authorization controls. Attackers can directly modify device configurations, access system information, and potentially...

EUVD-2023-52434

Malicious code in bioql PyPI...

EUVD-2025-27214

Malicious code in bioql PyPI...

EUVD-2023-39167

Malicious code in bioql PyPI...

EUVD-2023-43021

Malicious code in bioql PyPI...

CVE-2025-42927

CVE-2025-42927 affects SAP NetWeaver AS Java via the Adobe Document Service, where a vulnerable OpenSSL version is bundled. Root cause is outdated OpenSSL in the SAP NetWeaver AS Java platform; exploitation could enable a high-privilege user to access and modify system information. Impact is low ...

CVE-2019-14222

An issue was discovered in Alfresco Community Edition versions 6.0 and lower. An unauthenticated, remote attacker could authenticate to Alfresco's Solr Web Admin Interface. The vulnerability is due to the presence of a default private key that is present in all default installations. An attacker...

CVE-2025-46742

Users who were required to change their password could still access system information before changing their password...

CVE-2025-46742 Improper Access Control

Users who were required to change their password could still access system information before changing their password...

Schweitzer Engineering Laboratories多款产品 安全漏洞

Schweitzer Engineering Laboratories SEL-5033 acSELerator RTAC Software and more are products of Schweitzer Engineering Laboratories, Inc. of the U.S.A. Schweitzer Engineering Laboratories SEL-5033 acSELerator RTAC Software is a graphical, easy-to-use tool that helps users quickly and easily...

Toshiba e-STUDIO Security Vulnerability

Toshiba e-STUDIO is a series of high-end office multifunction printers from Toshiba Japan. A security vulnerability exists in Toshiba e-STUDIO that originates from an administrator authentication process that can be bypassed to access multifunction device system information and web pages for...

CVE-2023-39289

A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2208.101 could allow an unauthenticated attacker to conduct an account enumeration attack due to improper configuration. A successful exploit could allow an attacker to access system information...

Online Student Admission v1.0 SQL injection Vulnerability

Title: Online Student Admission v1.0 SQLi Author: nu11secur1ty Date: 03.28.2022 Vendor: https://www.sourcecodester.com/users/walterjnr1 Software: https://www.sourcecodester.com/php/14874/online-student-admission-system.html Reference:...

Ecoa Bas controller 路径遍历漏洞

ECOA BAS controller is a smart lighting control solution. ECOA BAS controller is vulnerable to directory traversal, which can be exploited by attackers to compromise sensitive and system information...

QSAN Storage Manager 安全漏洞

QSAN Storage Manager is a NAS operating system from Quantium Technologies Incorporated QSAN. An information disclosure vulnerability exists in QSAN Storage Manager, which stems from not adding effective privilege controls to the Access to System Information feature. The vulnerability can be...

LAquis SCADA Web Server URI Parsing Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on vulnerable installations of LAquis SCADA Software. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of URIs by the product's web server. A crafted URI can cause the w...

CVE-2012-0210

debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to obtain system information and execute arbitrary code via the file name in a 1 .dsc or 2 .changes file...

CVE-2001-0687

Broker FTP server 5.9.5 for Windows NT and 9x allows a remote attacker to retrieve privileged web server system information by 1 issuing a CD command CD C: followed by the LS command, 2 specifying arbitrary paths in the UNC format \computername\sharename...