Canon Devices - Authentication Bypass in Catwalk Server

Certain Canon devices manufactured in 2012 through 2020 such as imageRUNNER ADVANCE iR-ADV C5250, when Catwalk Server is enabled for HTTP access, allow remote attackers to modify an e-mail address setting, and thus cause the device to send sensitive information through e-mail to the attacker. For...

ac-solver (=0.1.0), adversarial-insight-ml (=0.1.0) +537 more potentially affected by CVE-2026-24747 via torch (>=2.0.0 <=2.0.1)

torch PYPI version =2.0.0, =0.0.2, =1.2.3, =0.2.2, =0.0.2, =0.0.0, =1.9.0, =0.0.3, =0.8.0, =0.1.0, =0.0.1, =1.9.0, =1.17.1 - aisee =0.1.0 and more Source cves: CVE-2026-24747 Source advisory: SNYK:PYTHON-TORCH-15123585...

CVE-2025-53445

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Catwalk catwalk allows PHP Local File Inclusion.This issue affects Catwalk: from n/a through = 1.4...

EUVD-2025-204207

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Catwalk catwalk allows PHP Local File Inclusion.This issue affects Catwalk: from n/a through = 1.4...

CVE-2025-53445

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Catwalk catwalk allows PHP Local File Inclusion.This issue affects Catwalk: from n/a through = 1.4...

CVE-2025-53445

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Catwalk catwalk allows PHP Local File Inclusion.This issue affects Catwalk: from n/a through = 1.4...

CVE-2025-53445 WordPress Catwalk theme <= 1.4 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Catwalk catwalk allows PHP Local File Inclusion.This issue affects Catwalk: from n/a through = 1.4...

CVE-2025-53445 WordPress Catwalk theme <= 1.4 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Catwalk catwalk allows PHP Local File Inclusion.This issue affects Catwalk: from n/a through = 1.4...

CVE-2025-53445

The CVE-2025-53445 entry concerns the WordPress Catwalk (axiomthemes Catwalk) plugin/theme with versions up to and including 1.4, describing an improper control of filenames for include/require statements that enables PHP Local File Inclusion. Affected component: Catwalk’s include/require handlin...

PT-2025-52039

Name of the Vulnerable Software and Affected Versions axiomthemes Catwalk versions through 1.4 Description An improper control of filename for include/require statement issue exists in axiomthemes Catwalk, potentially allowing PHP Local File Inclusion. The issue is related to how the software...

WordPress plugin Catwalk 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

WordPress Catwalk theme <= 1.4 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Catwalk versions = 1.4...

Code injection

Certain Canon devices manufactured in 2012 through 2020 such as imageRUNNER ADVANCE iR-ADV C5250, when Catwalk Server is enabled for HTTP access, allow remote attackers to modify an e-mail address setting, and thus cause the device to send sensitive information through e-mail to the attacker. For...

PT-2021-21971

Name of the Vulnerable Software and Affected Versions: Canon devices manufactured in 2012 through 2020, such as imageRUNNER ADVANCE iR-ADV C5250 Description: The issue allows remote attackers to modify an e-mail address setting when Catwalk Server is enabled for HTTP access, causing the device to...

VulnCheck KEV: CVE-2021-38154

Certain Canon devices manufactured in 2012 through 2020 such as imageRUNNER ADVANCE iR-ADV C5250, when Catwalk Server is enabled for HTTP access, allow remote attackers to modify an e-mail address setting, and thus cause the device to send sensitive information through e-mail to the attacker...

Canon 多款产品信息泄露漏洞

The Canon imageRUNNER ADVANCE iR-ADV C5250 is a multifunctional office device from Canon Japan. An information disclosure vulnerability exists in multiple Canon products, which originates in certain Canon devices manufactured from 2012 through 2020 such as the imageRUNNER ADVANCE iR-ADV C5250, an...

Huawei TripAdvisor Catwalk App Loads Arbitrary URL Vulnerability

TripAdvisor offers a wealth of travel planning and booking features, as well as powerful offline downloads and local services, making it a "must-have" tool for your outbound travel. A load arbitrary URL vulnerability exists in the Huawei TripAdvisor Catwalk application due to insufficient paramet...

catwalkcreativevintage.co.uk XSS vulnerability

Vulnerable URL: http://www.catwalkcreativevintage.co.uk/shop/search.php?q=%22%3E%3Csvg%2Fonload%3Dprompt%28%2FXSSPOSED%2F%29%3E Details: Description| Value ---|--- Patched:| Yes, at 06.12.2015 Latest check for patch:| 06.12.2015 08:32 GMT Vulnerability type:| XSS Vulnerability status:| Publicly...