2898 matches found
PT-2026-44804
Name of the Vulnerable Software and Affected Versions Waterfall WF-500 TX Host version 7.9.1.0 R2502171040 Description An OS Command Injection issue exists in the Administration WebUI, which allows remote authenticated attackers to execute arbitrary operating system commands. OS Command Injection...
Waterfall WF-500 操作系统命令注入漏洞
The Waterfall WF-500 is a sending-side host component in the industrial control network unidirectional security gateway developed by the Israeli company Waterfall. The Waterfall WF-500 has a vulnerability related to operating system command injection. This vulnerability stems from command injecti...
PT-2026-44805
Name of the Vulnerable Software and Affected Versions Waterfall WF-500 TX Host version 7.9.1.0 R2502171040 Description An OS Command Injection issue exists in the Administration WebUI, which allows remote authenticated attackers to execute arbitrary operating system commands on the host. OS Comma...
PT-2026-44813
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to execute arbitrary operating...
PT-2026-44812
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to execute arbitrary operating...
PT-2026-44815
Name of the Vulnerable Software and Affected Versions Waterfall WF-500 TX and RX Hosts version 7.9.1.0 R2502171040 Description The Console WebUI contains an OS Command Injection issue, which occurs when special elements used in an OS command are not properly neutralized. This allows remote...
PT-2026-44814
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to execute arbitrary operating...
PT-2026-44810
Name of the Vulnerable Software and Affected Versions Waterfall WF-500 TX and RX Hosts version 7.9.1.0 R2502171040 Description The Console WebUI contains an OS Command Injection issue, which occurs when special elements used in an OS command are not properly neutralized. This allows remote...
Waterfall WF-500 操作系统命令注入漏洞
The Waterfall WF-500 is a sending-side host component in the industrial control network unidirectional security gateway developed by the Israeli company Waterfall. Version 7.9.1.0 R2502171040 of the Waterfall WF-500 RX Host contains an operating system command injection vulnerability. This...
CVE-2026-21785
A misconfigured Content Security Policy CSP in HCL BigFix Remote Control Server WebUI versions 10.1.0.0442 and earlier fails to define directives without fallbacks, allowing attackers to bypass intended security restrictions and load unauthorized resources...
HCL BigFix Remote Control Server WebUI 安全漏洞
HCL BigFix Remote Control Server WebUI is a web interface provided by the Indian company HCL for remote management and control. HCL BigFix Remote Control Server WebUI versions 10.1.0.0442 and earlier have security vulnerabilities. These vulnerabilities stem from incorrect configuration of content...
[SECURITY] Fedora 42 Update: nodejs-aw-webui-0^20260516.8d9a7f8-1.fc42
A web-based UI for ActivityWatch, built with Vue.js...
[SECURITY] Fedora 44 Update: nodejs-aw-webui-0^20260516.8d9a7f8-1.fc44
A web-based UI for ActivityWatch, built with Vue.js...
Fedora 43 : aw-server-rust / awatcher / nodejs-aw-webui (2026-c9d4e8b9a4)
The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-c9d4e8b9a4 advisory. Rebuilt with openssl 0.10.79 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not teste...
Fedora 42 : aw-server-rust / awatcher / nodejs-aw-webui (2026-7047e2fec5)
The remote Fedora 42 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-7047e2fec5 advisory. Rebuilt with openssl 0.10.79 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not teste...
Fedora 44 : aw-server-rust / awatcher / nodejs-aw-webui (2026-f4ddcfa64b)
The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-f4ddcfa64b advisory. Rebuilt with openssl 0.10.79 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not teste...
Exploit for Allocation of Resources Without Limits or Throttling in Openwebui Open_Webui
CVE-2024-12537 Open WebUI Code Format DoS Lab This repository...
Astra Linux - уязвимость в chromium
A heap buffer overflow in the WebUI of Google Chrome prior to version 100.0.4896.60 allowed a remote attacker who convinced a user to perform certain user interactions to potentially exploit heap corruption by making specific inputs in DevTools...
Astra Linux - уязвимость в chromium
Integer underflow in WebUI of Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via a malicious file. Chromium security severity: High...
Astra Linux - уязвимость в chromium
A heap buffer overflow in the Mojom IDL of Google Chrome prior to version 116.0.5845.96 allowed a remote attacker who had compromised the renderer process and gained control of a WebUI process to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Medium...