Advantech WebAccess/SCADA SQL Injection Vulnerability

Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from Advantech, China. The software supports dynamic graphical display and real-time data control, and provides remote control and management of automation equipment. An SQL injection vulnerability exists in...

TencentOS Server 4: edk2 (TSSA-2025:0967)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0967 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

CVE-2025-11542

Stack-based Buffer Overflow vulnerability in Sharp Display Solutions projectors allows a attacker may execute arbitrary commands and programs...

CVE-2025-11542

Stack-based Buffer Overflow vulnerability in Sharp Display Solutions projectors allows a attacker may execute arbitrary commands and programs...

CVE-2025-11542

Stack-based Buffer Overflow vulnerability in Sharp Display Solutions projectors allows a attacker may execute arbitrary commands and programs...

CVE-2025-11542

Stack-based Buffer Overflow vulnerability in Sharp Display Solutions projectors allows a attacker may execute arbitrary commands and programs...

CVE-2025-11541

Sharp Display Solutions projectors are affected by CVE-2025-11541, a stack-based buffer overflow vulnerability in the projector firmware that allows an attacker to execute arbitrary commands and programs. The issue is associated with NEC/Sharp-branded devices and is listed across multiple sources...

Sharp NP series 安全漏洞

The Sharp NP series is a series of large format commercial displays from Sharp Corporation of Japan. A security vulnerability exists in Sharp NP series, which stems from the presence of a stack-based buffer overflow issue that could allow an attacker to execute arbitrary commands and programs...

PT-2025-52629

Name of the Vulnerable Software and Affected Versions Sharp Display Solutions projectors affected versions not specified Description A stack-based buffer overflow exists in Sharp Display Solutions projectors. This allows an attacker to potentially execute arbitrary commands and programs...

PT-2025-52630

Name of the Vulnerable Software and Affected Versions Sharp Display Solutions projectors affected versions not specified Description A stack-based buffer overflow exists in Sharp Display Solutions projectors. This allows an attacker to potentially execute arbitrary commands and programs...

Sharp NP series 安全漏洞

The Sharp NP series is a series of large format commercial displays from Sharp Corporation of Japan. A security vulnerability exists in Sharp NP series, which stems from the presence of a stack-based buffer overflow issue that could allow an attacker to execute arbitrary commands and programs...

Sharp NP series 安全漏洞

The Sharp NP series is a series of large format commercial displays from Sharp Japan. A security vulnerability exists in Sharp NP series, which stems from the presence of a stack-based buffer overflow issue that could allow an attacker to execute arbitrary commands and programs...

CVE-2023-53942

File Thingie 2.5.7 contains an authenticated file upload vulnerability that allows remote attackers to upload malicious PHP zip archives to the web server. Attackers can create a custom PHP payload, upload and unzip it, and then execute arbitrary system commands through a crafted PHP script with ...

TP-Link WA850RE 安全漏洞

TP-Link WA850RE is a wireless signal extender from China P&L TP-Link. A security vulnerability exists in the TP-Link WA850RE V2160527 and earlier versions, which originates from a command injection in the httpd module that could lead to the execution of arbitrary commands...

Rapid7 Velociraptor < 0.74.3 Privilege Escalation

The version of Rapid7 Velociraptor installed on the remote host is prior to 0.74.3. It is, therefore, affected by privilege escalation vulnerability: - Velociraptor allows collection of VQL queries packaged into Artifacts from endpoints. These artifacts can be used to do anything and usually run...

CVE-2023-53933 Serendipity 2.4.0 Authenticated Remote Code Execution via File Upload

Serendipity 2.4.0 contains a remote code execution vulnerability that allows authenticated attackers to upload malicious PHP files with .phar extension. Attackers can upload files with system command payloads to the media upload endpoint and execute arbitrary commands on the server...

CVE-2025-67792

An issue was discovered in DriveLock 24.1 before 24.1.6, 24.2 before 24.2.7, and 25.1 before 25.1.5. Local unprivileged users can manipulate a DriveLock process to execute arbitrary commands on Windows computers...

DriveLock 安全漏洞

DriveLock is an endpoint security and data protection platform from DriveLock Germany. A security vulnerability exists in DriveLock versions prior to 24.1.6, prior to 24.2.7, and prior to 25.1.5, which originates from a local, unprivileged user being able to manipulate the DriveLock process in a...

CVE-2025-65074

WaveView client allows users to execute restricted set of predefined commands and scripts on the connected WaveStore Server. A malicious attacker with high-privileges is able to execute arbitrary OS commands on the server using path traversal in the showerr script. This issue was fixed in version...

CVE-2025-65074

WaveView client allows users to execute restricted set of predefined commands and scripts on the connected WaveStore Server. A malicious attacker with high-privileges is able to execute arbitrary OS commands on the server using path traversal in the showerr script. This issue was fixed in version...