16 matches found
CVE-2026-2753
An Absolute Path Traversal vulnerability exists in Navtor NavBox. The application exposes an HTTP service that fails to properly sanitize user-supplied path input. Unauthenticated remote attackers can exploit this issue by submitting requests containing absolute filesystem paths. Successful...
Explorance Blue security vulnerabilities
Explorance Blue is a learning experience management software developed by the Canadian company Explorance. Versions of Explorance Blue prior to 8.14.13 contained security vulnerabilities. These vulnerabilities stemmed from the Web service component’s ability to allow authenticated remote file...
Linux Distros Unpatched Vulnerability : CVE-2024-25983
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient checks in a web service made it possible to add comments to the comments block on another user's dashboard when it was not otherwise available e.g....
mySCADA myPRO Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of mySCADA myPRO. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 34022 by default. The issue results from the la...
CVE-2025-1044 Logsign Unified SecOps Platform Authentication Bypass Vulnerability
Logsign Unified SecOps Platform Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2025-1044 Logsign Unified SecOps Platform Authentication Bypass Vulnerability
Logsign Unified SecOps Platform Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
Logsign Unified SecOps Platform Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 443 by default. The issue...
CVE-2024-8808
Cohesive Networks VNS3 Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cohesive Networks VNS3. Authentication is required to exploit this vulnerability. The specific flaw exists within the web...
Cohesive Networks VNS3 Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cohesive Networks VNS3. Authentication is required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 8000 by default. The issue results from th...
KubeClarity Security Vulnerability
KubeClarity is an OpenClarity open source tool for detecting and managing software bill of materials SBOM as well as container image and file system vulnerabilities. A security vulnerability exists in KubeClarity versions prior to 2.23.1 that stems from a SQL injection in the KubeClarity REST API...
TP-LINK TL-WR841N 安全漏洞
The TP-LINK TL-WR841N is a wireless router from China P&L TP-LINK. A security vulnerability exists in the TP-LINK TL-WR841N that stems from a specific flaw in the httpd service, which allows network neighbor attackers to obtain sensitive information on the affected router...
PT-2023-9215 · D Link · D-Link G416
Name of the Vulnerable Software and Affected Versions: D-Link G416 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. The flaw exists within the HTTP service listening on TC...
The vulnerability of the web service for Lexmark printer devices allows a perpetrator to execute arbitrary codes.
The vulnerability of the New Lexmark Device printers’ web service is related to insufficient validation of requests on the server side. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
CVE-2022-32255
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.1. The affected application consists of a web service that lacks proper access control for some of the endpoints. This could lead to unauthorized access to limited information...
The vulnerability of the microprogramming software for Desigo PX arises from incorrect verification of input data by the PX Web service (port TCP/80). This allows a perpetrator to trigger a service failure.
The vulnerability of the microprogramming software for Desigo PX is related to incorrect verification of input data by the PX Web service port TCP/80. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability in the web service of the software for IT service management and intelligent monitoring, IBM Application Performance Management, allows a attacker to execute arbitrary code.
The vulnerability in the web service of the software for managing IT services and intelligent monitoring of IBM Application Performance Management APM is related to the lack of authentication for a critical function. Exploiting this vulnerability allows a malicious actor to execute arbitrary code...