CVE-2026-24790

Technical details about CVE-2026-24790 are not publicly available in the provided documents. Monitor for updates.

CVE-2026-24790 Welker OdorEyes EcoSystem Pulse Bypass System with XL4 Controller Missing Authentication for Critical Function

The underlying PLC of the device can be remotely influenced, without proper safeguards or authentication...

CVE-2026-24790 Welker OdorEyes EcoSystem Pulse Bypass System with XL4 Controller Missing Authentication for Critical Function

The underlying PLC of the device can be remotely influenced, without proper safeguards or authentication...

Welker OdorEyes EcoSystem Pulse Bypass System with XL4 Controller 访问控制错误漏洞

The Welker OdorEyes EcoSystem Pulse Bypass System with XL4 Controller is an industrial natural gas odorization system developed by the American company Welker. This system has a security vulnerability known as access control errors. The vulnerability stems from insufficient protective measures or...

Welker OdorEyes EcoSystem Pulse Bypass System with XL4 Controller

RISK EVALUATION Successful exploitation of this vulnerability could result in an over- or under-odorization event. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control...

EUVD-2024-26108

Malicious code in bioql PyPI...

CVE-2025-3230 Bypass of System Admin User Deactivation Controls for Personal Access Tokens in Mattermost Server

Mattermost versions 10.7.x = 10.7.0, 10.6.x = 10.6.2, 10.5.x = 10.5.3, 9.11.x = 9.11.12 fails to properly invalidate personal access tokens upon user deactivation, allowing deactivated users to maintain full system access by exploiting access token validation flaws via continued usage of previous...

CVE-2022-43628

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

CVE-2019-15615

A wrong check for the system time in the Android App 3.9.0 causes a bypass of the lock protection when changing the time of the system to the past...

CVE-2025-27429 Code Injection Vulnerability in SAP S/4HANA (Private Cloud or On-Premise)

SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code into the system, bypassing essential authorization checks. This vulnerability effectively functions as a backdoor, creating...

PT-2025-4225 · Microsoft · Office

Name of the Vulnerable Software and Affected Versions: Microsoft Office affected versions not specified Description: A security-feature bypass issue allows attackers to affect the system. This issue is related to a security feature bypass in Microsoft Office. Recommendations: At the moment, there...

CVE-2024-0160

Dell Client Platform contains an incorrect authorization vulnerability. An attacker with physical access to the system could potentially exploit this vulnerability by bypassing BIOS authorization to modify settings in the BIOS...

CVE-2022-47531

An issue was discovered in Ericsson Evolved Packet Gateway EPG versions 3.x before 3.25 and 2.x before 2.16, allows authenticated users to bypass system CLI and execute commands they are authorized to execute directly in the UNIX shell...

CVE-2022-43623

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

Octobercms 安全漏洞

Octobercms is a Php-based Cms website builder from Octobercms Inc. in the United States. Octobercms suffers from a security vulnerability that originates from user input not being properly cleared before rendering. An authenticated user with the permission to create, modify, and delete pages on t...

CVE-2018-11048

Dell EMC Data Protection Advisor, versions 6.2, 6,3, 6.4, 6.5 and Dell EMC Integrated Data Protection Appliance IDPA versions 2.0, 2.1 contain a XML External Entity XXE Injection vulnerability in the REST API. An authenticated remote malicious user could potentially exploit this vulnerability to...

Canon LBP6030w Access Control Vulnerability

The Canon LBP6030w is a color laser printer device from Canon Japan. A security vulnerability exists in the web interface of the Canon LBP6030w. The vulnerability can be exploited by an attacker to bypass System Manager Mode and gain full access to the device without a PIN...

Mozilla Thunderbird Multiple Vulnerabilities -01 Apr13 (Windows)

This host is installed with Mozilla Thunderbird and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillathunderbirdmultvuln01apr13win.nasl 6086 2017-05-09 09:03:30Z teissa $ Mozilla Thunderbird Multiple Vulnerabilities -01 Apr13 Windows Authors: Thanga Prakash S...