76 matches found
EUVD-2026-39643
Johnson & Johnson Campus Recruiting before 2025-10-31 allows viewing of data provided by recruited students, and notes entered about students by interviewers...
CVE-2026-49377
In JetBrains TeamCity before 2025.11.2 exposure of sensitive data via default agent parameters...
CVE-2026-8487
Incorrect default permissions vulnerability in Progress Software MOVEit Automation allows Retrieve Embedded Sensitive Data. This issue affects MOVEit Automation: before 2025.0.11, from 2025.1.0 before 2025.1.7...
CVE-2025-40841
Ericsson Indoor Connect 8855 is affected by a Cross-Site Request Forgery (CSRF) vulnerability in versions prior to 2025.Q3. The issue can allow unauthorized modification of certain information with a CVSS v4.0 base score of 5.1 (MEDIUM). Attack vector is network, with low attack complexity and re...
CVE-2025-27260
CVE-2025-27260 affects Ericsson Indoor Connect 8855 (versions before 2025.Q3). It covers an Improper Filtering of Special Elements vulnerability that can lead to unauthorized modification of certain information. CVSSv4 base score 7.2 (HIGH): Attack vector NETWORK, complexity LOW, privileges REQUI...
Ericsson Indoor Connect 安全漏洞
Ericsson Indoor Connect is a small indoor base station developed by the Swedish company Ericsson. Versions of Ericsson Indoor Connect 8855 prior to Q3 2025 contained security vulnerabilities. These vulnerabilities were due to susceptibility to cross-site scripting attacks, which could lead to...
PT-2026-27763
Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains an Improper Filtering of Special Elements vulnerability which, if exploited, can lead to unauthorized modification of certain information...
Ericsson Indoor Connect 安全漏洞
Ericsson Indoor Connect is a small indoor base station developed by the Swedish company Ericsson. Versions of Ericsson Indoor Connect 8855 prior to 2025.Q3 contained security vulnerabilities. These vulnerabilities were due to susceptibility to cross-site request forgery attacks, which could lead ...
PT-2026-27764
Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains a Cross-Site Request Forgery CSRF vulnerability which, if exploited, can lead to unauthorized modification of certain information...
Devolutions Server 安全漏洞
Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server prior to 2025.3.14 contained a security vulnerability; this vulnerability stemmed from the...
Intel VTune Profiler和Intel oneAPI Toolkits 代码问题漏洞
Intel VTune Profiler and Intel oneAPI Toolkits are products of Intel Corporation, a US company. Intel VTune Profiler is a performance testing tool designed to optimize software. This software can be used for performance testing in IoT embedded applications, media software, Java applications, and...
CVE-2026-24729
An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file...
EUVD-2026-5016
A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to access exposed administrative functionality without prior authentication...
PT-2026-5377
A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to access exposed administrative functionality without prior authentication...
CVE-2026-24874 Type confusion in xray-monolith
Access of Resource Using Incompatible Type 'Type Confusion' vulnerability in themrdemonized xray-monolith.This issue affects xray-monolith: before 2025.12.30...
Everest-core security vulnerabilities
Everest-core is a major component of the open-source electric vehicle charging software stack developed by EVerest. Versions of everest-core prior to 2025.10.0 contained security vulnerabilities. These vulnerabilities were caused by integer overflows in the SdpPacket::parseheader function, which...
PT-2026-1542
Name of the Vulnerable Software and Affected Versions versions prior to 2025-47388 Description A memory corruption issue occurs when passing pages to the Digital Signal Processor DSP with an unaligned starting address. Recommendations At the moment, there is no information about a newer version...
PT-2026-1537
Name of the Vulnerable Software and Affected Versions versions prior to 2025-47346 Description A memory corruption issue exists when processing a secure logging command within the trusted application. This can lead to unexpected behavior or potential compromise of the system. Recommendations At t...
PT-2026-1530
Name of the Vulnerable Software and Affected Versions versions prior to 2025 affected versions not specified Description A memory corruption issue exists when processing clock configuration data associated with particular hardware. This can lead to unpredictable system behavior. Recommendations A...
PT-2026-1462
Name of the Vulnerable Software and Affected Versions versions prior to 2025 affected versions not specified Description A flaw exists due to insufficient input validation, resulting in a cross-site scripting XSS vector within the HTML filter code. This issue specifically relates to data URLs fou...