49 matches found
CVE-2025-69784
A local, non-privileged attacker can abuse a vulnerable IOCTL interface exposed by the OpenEDR 2.5.1.0 kernel driver to modify the DLL injection path used by the product. By redirecting this path to a user-writable location, an attacker can cause OpenEDR to load an attacker-controlled DLL into...
CVE-2026-25888 Chartbrew: Remote Code Execution (RCE) via Vulnerable API
Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to version 4.8.1, there is a remote code execution vulnerability via a vulnerable API. This issue has been patched in version 4.8.1...
PT-2025-32665 · Siemens · Sinec Traffic Analyzer
Name of the Vulnerable Software and Affected Versions: SINEC Traffic Analyzer affected versions not specified Description: The application uses a monitoring interface that is not operating in a strictly passive mode, potentially allowing an attacker to interact with the interface and conduct...
CVE-2021-30230
The api/ZRFirmware/settimezone interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the zonename parameter...
SQL Injection
Overview Affected versions of this package are vulnerable to SQL Injection via the listCount function in the WorkflowDAO interface. An attacker can extract sensitive information from the database by manipulating the workflowtype and status parameters to construct malicious SQL queries. Remediatio...
Fortinet Fortigate Stack buffer overflow in fabric service (FG-IR-24-160)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-160 advisory. - A stack-based buffer overflow CWE-121 vulnerability in Fortinet FortiOS version 7.2.4 through 7.2.8 and version 7.4.0 throu...
CVE-2024-39950
A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities to initiate device initialization...
CVE-2024-39948
A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash...
CVE-2024-39949
A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash...
CVE-2024-39947
A vulnerability has been found in Dahua products.After obtaining the ordinary user's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing the device to crash...
CVE-2024-39946
A vulnerability has been found in Dahua products.After obtaining the administrator's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing device initialization...
CVE-2024-39945
A vulnerability has been found in Dahua products. After obtaining the administrator's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing the device to crash...
CVE-2024-39944
A vulnerability has been found in Dahua products.Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash...
PT-2024-28748 · Dahua · Dahua
Name of the Vulnerable Software and Affected Versions: Dahua products affected versions not specified Description: A vulnerability has been found in Dahua products. After obtaining the administrator's username and password, the attacker can send a carefully crafted data packet to the interface wi...
PT-2024-28753 · Dahua · Dahua
Name of the Vulnerable Software and Affected Versions: Dahua products affected versions not specified Description: A vulnerability has been found in Dahua products, allowing attackers to send carefully crafted data packets to the vulnerable interface, which can initiate device initialization...
Dahua NVR 安全漏洞
Dahua NVR is a series of network video recorders from Dahua China. A security vulnerability exists in the Dahua NVR4XXX IPC-HX8XXX. An attacker can send a carefully constructed packet to the vulnerable interface to initiate device initialization...
PT-2024-28751 · Dahua · Dahua
Name of the Vulnerable Software and Affected Versions: Dahua products affected versions not specified Description: A vulnerability has been found in Dahua products, allowing attackers to send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash...
PT-2024-28746 · Dahua · Dahua
Name of the Vulnerable Software and Affected Versions: Dahua products affected versions not specified Description: A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash. Recommendation...
Dahua NVR 安全漏洞
Dahua NVR is a series of network video recorders from Dahua China. A security vulnerability exists in the Dahua NVR4XXXIPC-HX8XXX, which stems from the fact that an attacker can send a crafted packet to a vulnerable interface, causing the device to crash...
Dahua NVR 安全漏洞
Dahua NVR is a series of network video recorders from Dahua China. A security vulnerability exists in the Dahua NVR4XXX. An attacker can send a carefully constructed packet to the vulnerable interface, causing the device to crash...