58335 matches found
CVE-2026-24315 Path Traversal Vulnerability in SAP Fiori (launchpad)
SAP Fiori Launchpad allows attackers to craft malicious URLs that triggers arbitrary service calls on the Fiori domain, this when opened by the user could compromise accounts by stealing user credentials. Successful exploitation requires adversaries to possess advanced knowledge of the system...
PT-2026-47731
A Stored Cross-Site Scripting vulnerability in Vinna Process Monitor Version 4.0 Service Pack 1 Build 63255 allows an authenticated remote attacker with low privileges to inject malicious JavaScript code into the application. This enables attackers to steal administrative access tokens and sessio...
PT-2026-52482
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Insufficiently protected credentials stored within firmware or system files may allow an unauthenticated attacker to gain unauthorized access and expose sensitiv...
Skilja Vinna Process Monitor 跨站脚本漏洞
Skilja Vinna Process Monitor is a business process monitoring platform developed by Skilja Corporation. The Skilja Vinna Process Monitor 4.0 Service Pack 1 version contains a cross-site scripting vulnerability. This vulnerability stems from a storage-based cross-site scripting flaw, which could...
PT-2026-47770
WordPress Plugin PICA Photo Gallery 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid parameter. Attackers can send GET requests with crafted SQL payloads in the aid parameter to extract...
PT-2026-48163
Shenzhen Kangda Xin Intelligent Network Technology Company's router, model DR300, version 2.1.2.121, contains hardcoded login credentials and has telnet enabled by default on WAN and LAN interfaces. These vulnerabilities allow attackers to read and write to memory, modify firmware stored in flash...
PT-2026-48283
Name of the Vulnerable Software and Affected Versions CAI Content Credentials versions [email protected] and earlier CAI Content Credentials versions c2pa-v0.80.1 and earlier Description Improper Input Validation allows an attacker to crash the application, resulting in a denial-of-service condition...
PT-2026-48282
Name of the Vulnerable Software and Affected Versions CAI Content Credentials versions [email protected] and earlier CAI Content Credentials version c2pa-v0.80.1 Description An integer overflow or wraparound occurs, which can be exploited by an attacker to crash the application. This leads to a...
PT-2026-48298
Name of the Vulnerable Software and Affected Versions MongoDB server affected versions not specified Description The server may log authentication parameters, including credentials, to the server log during SASL Simple Authentication and Security Layer authentication. This occurs when connection...
PT-2026-47772
Apptha Slider Gallery 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the albid parameter. Attackers can send GET requests with crafted SQL payloads in the albid parameter to extract sensitive...
PT-2026-48284
Name of the Vulnerable Software and Affected Versions CAI Content Credentials versions [email protected] and earlier CAI Content Credentials versions c2pa-v0.80.1 and earlier Description An uncontrolled resource consumption issue allows an attacker to exhaust system resources, leading to an...
PT-2026-48281
Name of the Vulnerable Software and Affected Versions c2pa-web versions prior to 0.7.1 c2pa-v versions prior to 0.80.1 Description An improper limitation of a pathname to a restricted directory, known as Path Traversal, allows for an arbitrary file system write. This issue enables an attacker to...
PT-2026-48286
Name of the Vulnerable Software and Affected Versions CAI Content Credentials versions [email protected] and earlier CAI Content Credentials versions c2pa-v0.80.1 and earlier Description Improper Input Validation allows an attacker to crash the application, resulting in a denial-of-service condition...
Adobe CAI Content Credentials 资源管理错误漏洞
Adobe CAI Content Credentials is a content trust marking system provided by Adobe Inc., which offers capabilities for authenticating digital content sources and tracking its editing history. The Adobe CAI Content Credentials version [email protected] and versions prior to c2pa-v0.80.1 contain a...
Adobe CAI Content Credentials 路径遍历漏洞
Adobe CAI Content Credentials is a content trust marking system provided by Adobe Inc. in the United States. It offers capabilities for authenticating digital content sources and tracking editing history. The Adobe CAI Content Credentials version [email protected] and versions prior to c2pa-v0.80.1...
Adobe CAI Content Credentials 输入验证错误漏洞
Adobe CAI Content Credentials is a content trust marking system provided by Adobe Inc., which offers capabilities for authenticating digital content sources and tracking its editing history. The Adobe CAI Content Credentials version [email protected] and versions prior to c2pa-v0.80.1 contain a...
Adobe CAI Content Credentials 输入验证错误漏洞
Adobe CAI Content Credentials is a content trust marking system provided by Adobe Inc., which offers capabilities for authenticating digital content sources and tracking its editing history. The Adobe CAI Content Credentials version [email protected] and versions prior to c2pa-v0.80.1 have a...
Kangda Xin DR300 安全漏洞
Kangda Xin DR300 is a wireless router produced by Kangda Xin Corporation. The Kangda Xin DR300 version 2.1.2.121 has a security vulnerability. This vulnerability stems from the inclusion of hardcoded login credentials, with telnet being enabled by default. It may allow attackers to read memory,...
Adobe CAI Content Credentials 资源管理错误漏洞
Adobe CAI Content Credentials is a content trust marking system provided by Adobe Inc., which offers capabilities for authenticating digital content sources and tracking its editing history. The Adobe CAI Content Credentials version [email protected] and versions prior to c2pa-v0.80.1 have a resourc...
Adobe CAI Content Credentials 资源管理错误漏洞
Adobe CAI Content Credentials is a content trust marking system provided by Adobe Inc., which offers capabilities for authenticating digital content sources and tracking its editing history. The Adobe CAI Content Credentials version [email protected] and versions prior to c2pa-v0.80.1 have a resourc...