98 matches found
CVE-2025-27576
Uncontrolled resource consumption for some Edge Orchestrator software before version 24.11.1 for IntelR TiberTM Edge Platform may allow an unauthenticated user to potentially enable denial of service via local access...
CVE-2025-30034
A vulnerability has been identified in SIMATIC RTLS Locating Manager All versions V3.3. Affected devices do not properly validate input sent to its listening port on the local loopback interface. This could allow an unauthenticated local attacker to cause a denial of service condition...
CVE-2025-30034
A vulnerability has been identified in SIMATIC RTLS Locating Manager All versions V3.3. Affected devices do not properly validate input sent to its listening port on the local loopback interface. This could allow an unauthenticated local attacker to cause a denial of service condition...
PHOENIX CONTACT多款产品 操作系统命令注入漏洞
PHOENIX CONTACT CHARX SEC-3050 and others are products of PHOENIX CONTACT, Germany.PHOENIX CONTACT CHARX SEC-3050 is an AC charge controller.PHOENIX CONTACT CHARX SEC-3100 is an AC PHOENIX CONTACT CHARX SEC-3150 is an AC charge controller. An operating system command injection vulnerability exist...
CVE-2023-49676
An unauthenticated local attacker may trick a user to open corrupted project files to crash the system due to use after free vulnerability...
CVE-2025-30101
Dell PowerScale OneFS, versions 9.8.0.0 through 9.10.1.0, contain a time-of-check time-of-use TOCTOU race condition vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to denial of service and information tampering...
Exploit for CVE-2025-4524
CVE-2025-4524 - Unauthenticated madara-core Wordpress theme LF...
CVE-2025-26330
Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an incorrect authorization vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability to access the cluster with previous privileges of a disabled user account...
WordPress Keap Official Opt-in Forms plugin <= 2.0.1 - Unauthenticated Limited Local File Inclusion vulnerability
Unauthenticated Limited Local File Inclusion vulnerability discovered by Hiroho Shimada in WordPress Plugin Keap Official Opt-in Forms versions = 2.0.1...
PT-2025-6277
Name of the Vulnerable Software and Affected Versions: Dell UCC Edge version 2.3.0 Description: The issue concerns a Blind SSRF vulnerability in the Add Customer SFTP Server of Dell UCC Edge. An unauthenticated attacker with local access could exploit this, leading to Server-Side Request Forgery...
CVE-2020-9250
There is an insufficient authentication vulnerability in some Huawei smart phone. An unauthenticated, local attacker can crafts software package to exploit this vulnerability. Due to insufficient verification, successful exploitation may impact the service. Vulnerability ID: HWPSIRT-2019-12302 Th...
CVE-2024-53290
Dell ThinOS version 2408 contains an Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Command execution...
CVE-2024-47476
Dell NetWorker Management Console, versions 19.11, contains an Improper Verification of Cryptographic Signature vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Code execution...
CVE-2024-45271
An unauthenticated local attacker can gain admin privileges by deploying a config file due to improper input validation...
CVE-2024-4098 Shariff Wrapper <= 4.6.13 - Unauthenticated Local File Inclusion
The Shariff Wrapper plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 4.6.13 via the shariff3uufetchsharecounts function. This allows unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code i...
PT-2024-23401 · Dell · Telemetry Dashboard
Name of the Vulnerable Software and Affected Versions: Telemetry Dashboard version 1.0.0.8 for Dell ThinOS 2402 Description: The issue concerns a sensitive information disclosure vulnerability. It can be exploited by an unauthenticated user with local access to the device, potentially leading to...
Dell ThinOS Information Disclosure Vulnerability
Dell ThinOS is a client operating system from Dell USA. An information disclosure vulnerability exists in Dell ThinOS 2402 Telemetry Dashboard v1.0.0.8, which originates from allowing an unauthenticated user with local access to the device to disclose information...
CVE-2024-25999
An unauthenticated local attacker can perform a privilege escalation due to improper input validation in the OCPP agent service...
PHOENIX CONTACT CHARX SEC Input Validation Error Vulnerability
PHOENIX CONTACT CHARX SEC is a series of AC charge controllers from PHOENIX CONTACT, Germany. An input validation error vulnerability exists in PHOENIX CONTACT CHARX SEC-3000 versions prior to v1.5.1, which stems from incorrect input validation and allows an unauthenticated local attacker to...
CVE-2023-32460
Dell PowerEdge BIOS contains an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation...