19178 matches found
PT-2025-47244
Name of the Vulnerable Software and Affected Versions SMASH-CLP shell affected versions not specified Description A stack-based buffer overflow exists in the SMASH-CLP shell. An authenticated attacker with SSH access to the Baseboard Management Controller BMC can exploit this issue by providing a...
Supermicro BMC Firmware 安全漏洞
Supermicro BMC Firmware is a system firmware from Supermicro Corporation USA. A security vulnerability exists in Supermicro BMC Firmware that originates from a stack buffer overflow in the BMC Web function that could lead to arbitrary code execution...
PT-2025-47249
Name of the Vulnerable Software and Affected Versions Supermicro BMC versions affected versions not specified Description A stack buffer overflow exists in the Supermicro BMC Shared library. An authenticated attacker with access to the BMC can exploit a stack buffer via a crafted header,...
PT-2025-47245
Name of the Vulnerable Software and Affected Versions Supermicro BMC versions affected versions not specified Description A buffer overflow exists in the web stack of the Supermicro BMC on the MBD-X13SEDW-F model. An attacker gaining access to the BMC Web server can exploit this issue using a...
PT-2025-47250
Name of the Vulnerable Software and Affected Versions Supermicro BMC versions affected versions not specified Description A stack buffer overflow vulnerability exists in the web function of the Supermicro BMC on the Supermicro MBD-X13SEDW-F. An attacker gaining access to the BMC Web server can...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2023-52887)
net: can: j1939: vulnerability related to error handling for closely received RTS messages in xtprxrtssessionnew, which is addressed by replacing less informative backtraces with a new method that provides clearer error messages and allows for early termination of problematic sessions. This plugi...
PT-2025-47372
Name of the Vulnerable Software and Affected Versions DzzOffice versions prior to 2.3.7 Description DzzOffice is susceptible to an arbitrary file upload issue located in the /dzz/system/ueditor/php/controller.php file. The issue resides within the controller.php component. Recommendations Update ...
CVE-2025-63695
DzzOffice v2.3.7 and before is vulnerable to Arbitrary File Upload in /dzz/system/ueditor/php/controller.php...
EUVD-2025-198056
DzzOffice v2.3.7 and before is vulnerable to Arbitrary File Upload in /dzz/system/ueditor/php/controller.php...
DzzOffice 安全漏洞
DzzOffice is a platform from Big Desk DzzOffice that provides online collaborative office suite functionality. It provides online documents, forms, webstores, presentations and other features. A security vulnerability exists in DzzOffice v2.3.7 and earlier versions, which originates from...
CVE-2025-63695
DzzOffice v2.3.7 and earlier is vulnerable to an Arbitrary File Upload in /dzz/system/ueditor/php/controller.php. The core issue stems from a file upload mechanism in controller.php that allows uploading arbitrary files, potentially enabling remote code execution or other impact as described in p...
SuperMicro BMC 安全漏洞
SuperMicro BMC is a firmware from SuperMicro USA used in devices such as servers, top-of-rack switches or RAID devices. A security vulnerability exists in the SuperMicro BMC that stems from a stack buffer overflow in the BMC Web function that could lead to arbitrary code execution...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-43883)
usb: vhci-hcd: vulnerability due to the vhci-hcd driver dropping references before new ones were gained, potentially leading to the use of stale pointers. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...
CVE-2025-13301
A vulnerability was found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /subject/controller.php. The manipulation results in sql injection. It is possible to launch the attack remotely. The exploit has...
CVE-2025-13300
A vulnerability has been found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected is an unknown function of the file /settings/controller.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...
CVE-2025-13300
A vulnerability has been found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected is an unknown function of the file /settings/controller.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...
CVE-2025-13301
A vulnerability was found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /subject/controller.php. The manipulation results in sql injection. It is possible to launch the attack remotely. The exploit has...
CVE-2025-13301 itsourcecode Web-Based Internet Laboratory Management System controller.php sql injection
A vulnerability was found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /subject/controller.php. The manipulation results in sql injection. It is possible to launch the attack remotely. The exploit has...
CVE-2025-13301 itsourcecode Web-Based Internet Laboratory Management System controller.php sql injection
A vulnerability was found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /subject/controller.php. The manipulation results in sql injection. It is possible to launch the attack remotely. The exploit has...
CVE-2025-13301
CVE-2025-13301 affects itsourcecode Web-Based Internet Laboratory Management System 1.0. The vulnerability is a SQL injection in an unspecified function of /subject/controller.php that can be exploited remotely; public exploits exist. CNVD, Red Hat, NVD and other sources corroborate the issue and...