Silicon Simplicity SDK 安全特征问题漏洞

The Silicon Simplicity SDK is an embedded software development platform provided by Silicon Corporation in the United States. It is used to build IoT products based on our 2-series and upcoming 3-series wireless and MCU devices. The Silicon Simplicity SDK has a security feature vulnerability, whi...

Mattermost 安全漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Vulnerabilities exist in Mattermost versions 11.2.2 and earlier of the 11.2.x series, as well as versions 10.11.10 and earlier of the 10.11.x series, 11.4.0 and earlier of the 11.4.x series, and 11.3...

PT-2026-26195

Summary A vulnerability in Zitadel's OAuth2/OIDC interface, which allowed users to bypass organization enforcement during authentication. Impact Zitadel allows applications to enforce an organzation context during authentication using scopes urn:zitadel:iam:org:id:id and...

CVE-2026-20759

OS Command Injection vulnerability exists in multiple Network Cameras TRIFORA 3 series provided by TOA Corporation, which may allow a logged-in user with the low"monitoring user" or higher privilege to execute an arbitrary OS command...

CVE-2026-20894

CVE-2026-20894 affects TOA Corporation’s Network Cameras TRIFORA 3 series. The vulnerability is a Cross-site scripting (CWE-79) in the web interface, triggered when an attacking administrator submits malicious input on the setting screen. A logged-in user with high privileges can cause a victim a...

CVE-2026-20894

Cross-site scripting vulnerability exists in multiple Network Cameras TRIFORA 3 series provided by TOA Corporation. If an attacking administrator configures the affected product with some malicious input, an arbitrary script may be executed on the web browser of a victim administrator who accesse...

CVE-2026-20759

OS Command Injection vulnerability exists in multiple Network Cameras TRIFORA 3 series provided by TOA Corporation, which may allow a logged-in user with the low"monitoring user" or higher privilege to execute an arbitrary OS command...

PT-2026-3238

OS Command Injection vulnerability exists in multiple Network Cameras TRIFORA 3 series provided by TOA Corporation, which may allow a logged-in user with the low"monitoring user" or higher privilege to execute an arbitrary OS command...

EUVD-2025-198030

A remote command execution RCE vulnerability was discovered in all H3C ERG3/ERG5 series routers and XiaoBei series routers, cloud gateways, and wireless access points versions R0162P07, UAP700-WPT330-E2265, UAP672-WPT330-R2262, UAP662E-WPT330-R2262P03, WAP611-WPT330-R1348-OASIS,...

PT-2025-7452 · Hitachi Vantara · Hitachi Vantara Pentaho Business Analytics Server

Name of the Vulnerable Software and Affected Versions: Hitachi Vantara Pentaho Business Analytics Server versions prior to 10.2.0.0 and 9.3.0.9, including 8.3.x Description: The product does not handle or incorrectly handles when it has insufficient privileges to access resources or functionality...

PT-2024-3247 · Mitel · Mitel 6900 Series +2

Name of the Vulnerable Software and Affected Versions: Mitel 6800 Series versions through 6.3 SP3 HF4 Mitel 6900 Series versions through 6.3 SP3 HF4 Mitel 6900w Series versions through 6.3.3 Mitel 6970 Conference Unit versions through 5.1.1 SP8 Description: The issue is related to an authenticati...

VulnCheck KEV: CVE-2019-7254

Linear eMerge E3-Series devices allow File Inclusion...

EC-CUBE 3 series and 4 series vulnerable to arbitrary code execution

Overview EC-CUBE 3 series and 4 series provided by EC-CUBE CO.,LTD. contain an arbitrary code execution vulnerability CWE-94 due to improper settings of the product's template engine "Twig". Takeshi Miura of N.F.Laboratories Inc. reported this vulnerability to EC-CUBE CO.,LTD. EC-CUBE CO.,LTD. In...

CVE-2023-38405

On Crestron 3-Series Control Systems before 1.8001.0187, crafting and sending a specific BACnet packet can cause a crash...

CVE-2023-38405

On Crestron 3-Series Control Systems before 1.8001.0187, crafting and sending a specific BACnet packet can cause a crash...

PT-2023-26409 · Crestron · Crestron 3-Series Control Systems

Name of the Vulnerable Software and Affected Versions: Crestron 3-Series Control Systems versions prior to 1.8001.0187 Description: The issue allows an attacker to cause a crash by crafting and sending a specific BACnet packet. Recommendations: For Crestron 3-Series Control Systems versions prior...