17 matches found
CVE-2026-34123
On Tapo C520WS v2, restricted accounts (for example, hub users) are intended to execute only a limited set of low‑sensitivity operations. Due to a logic flaw in the device’s API authorization mechanism, an attacker can craft requests that leverage legitimate “method mapping” behavior to bypass...
CVE-2026-22924
CVE-2026-22924 affects SIMATIC CN 4100 (all versions < V5.0). The vulnerability arises from insufficiently restricted unauthenticated connections, enabling resource exhaustion that can disrupt operations and potentially impact system availability and integrity. Connected references reiterate t...
PT-2026-2351
Name of the Vulnerable Software and Affected Versions: versions prior to 2025-41717. Description: An unauthenticated remote attacker can trick a high privileged user into uploading a malicious payload via the config-upload endpoint, leading to code injection as root. This results in a total loss of...
kernel: drm/amdgpu: SDMA update use unlocked iterator
A denial of service exists in the Linux kernel such that an SDMA page table update may be called from an unlocked context, leading to damage to system availability and integrity...
GE CIMPLICITY HMI/SCADA Software Security Vulnerability
GE CIMPLICITY HMI/SCADA Software is an automated industrial platform from General Electric (GE). It provides true client-server visualization and control from a single machine to plant locations around the world, helping to manage operations and improve decision making. A buffer overflow...
expat: Integer overflow in doProlog in xmlparse.c
expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag, libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...
expat: Integer overflow in addBinding in xmlparse.c
expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability confidentiality a...
SCIMono Injection Vulnerability
Parvan Dobrev scimono is an open source application from Parvan Dobrev. It provides a server-side and a client-side. An injection vulnerability exists in SCIMono, which could allow an attacker to inject and execute Java expressions, thereby compromising system availability and integrity. The followin...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Functional Tester (CVE-2018-2633, CVE-2018-2634, CVE-2018-2603, CVE-2018-2602, CVE-2018-2579)
Summary: There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 and 8 that is used by Rational Functional Tester. These issues were disclosed as part of the IBM Java SDK updates in January 2018. Vulnerability Details: If you run your own Java code using the IBM Java...
Oracle Solaris Cluster Local Vulnerability (CNVD-2018-09107)
Oracle Sun Solaris is a computer operating system developed by Sun Microsystems. It is a derivative of the UNIX operating system. The Oracle Solaris Cluster product has a security vulnerability in its implementation that is exploited by attackers to compromise the availability, integrity, and...
Unspecified Vulnerability in Oracle Banking Corporate Lending Component
Oracle Financial Services Applications is a suite of financial services software from Oracle (United States) that combines core banking, online banking and property management. Oracle Banking Corporate Lending is one of its bank loan management components. A security vulnerability exists...
Oracle VM VirtualBox Local Vulnerability (CNVD-2017-13813)
Oracle Virtualization is a virtualization solution from Oracle Corporation, of which Oracle VM VirtualBox is a virtual machine component. A security vulnerability exists in the Core subcomponent of the Oracle VM VirtualBox component of Oracle Virtualization. An attacker could exploit this...
KLA10744 Multiple vulnerabilities in Oracle VM VirtualBox
Unspecified vulnerabilities were found in Oracle VirtualBox. By exploiting these vulnerabilities, malicious users can affect availability, integrity and confidentiality. These vulnerabilities can be exploited remotely via unknown vectors related to Core and Windows Installer. Original...
Unspecified Vulnerability in Oracle VM VirtualBox (CNVD-2015-00595)
Oracle VM VirtualBox is open source virtual machine software. A security vulnerability in the VMSVGA device subcomponent of Oracle VM VirtualBox versions prior to 4.3.20 allows remote attackers to affect the availability and integrity of the system...
Unspecified Vulnerability in Oracle VM VirtualBox (CNVD-2015-00593)
Oracle VM VirtualBox is open source virtual machine software. A security vulnerability in the VMSVGA device subcomponent of Oracle VM VirtualBox versions prior to 4.3.20 allows remote attackers to affect the availability and integrity of the system...
Unspecified Vulnerability in Oracle VM VirtualBox (CNVD-2015-00596)
Oracle VM VirtualBox is open source virtual machine software. A security vulnerability in the VMSVGA device subcomponent of Oracle VM VirtualBox versions prior to 4.3.20 allows remote attackers to affect the availability and integrity of the system...
CVE-2013-3786
Unspecified vulnerability in Oracle Solaris 9, 10, and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel...