CVE-2025-54169

An out-of-bounds read vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5068 and later...

CVE-2025-57707

An improper neutralization of directives in statically saved code 'Static Code Injection' vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to access restricted data / files. We have already fixed the...

CVE-2025-30269

A use of externally-controlled format string vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerability in the following version: Qsync...

CVE-2025-54170

CVE-2025-54170 describes an out-of-bounds read in Qsync Central that can be exploited by a remote attacker who has a user account to access secret data. Affected: Qsync Central; vulnerability type is out-of-bounds read in the affected component. Impact is confidentiality of secret data; attack re...

CVE-2025-57707

CVE-2025-57707 concerns File Station 5, where an improper neutralization of directives in statically saved code (Static Code Injection) may allow a user with an account to access restricted data/files. The fixed version is File Station 5.5.6.5166 and later. CVSS 4.0 base vector indicates Network ...

CVE-2025-57707

An improper neutralization of directives in statically saved code 'Static Code Injection' vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to access restricted data / files. We have already fixed the...

CVE-2026-1748

The Invoct – PDF Invoices & Billing for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on multiple functions in all versions up to, and including, 1.6. This makes it possible for authenticated attackers, with Subscriber-level access...

PT-2026-27533

Name of the Vulnerable Software and Affected Versions macOS Sequoia versions prior to 15.7.5 macOS Sonoma versions prior to 14.8.4 macOS Tahoe versions prior to 26.3 Description An issue was identified regarding the handling of temporary files, potentially allowing an application to access...

WordPress plugin Gallery by FooGallery 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

WordPress plugin Invoct – PDF Invoices & Billing for WooCommerce 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

QNAP Systems File Station 5 安全漏洞

QNAP Systems File Station 5 is a file management system developed by QNAP Systems, a company based in Taiwan, China. Versions of QNAP Systems File Station 5 prior to 5.5.6.5166 contained security vulnerabilities. These vulnerabilities were caused by static code injection, which could lead to acce...

Apple macOS 安全漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. There is a security vulnerability in Apple macOS, which stems from an injection issue and may allow applications to access sensitive user data. The following versions are affected: macOS Sequo...

Apple macOS 安全漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Versions of Apple macOS Tahoe prior to 26.3 contained a security vulnerability. This vulnerability stemmed from improper editing of log data, which could allow malicious applications to access...

Apple macOS 安全漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Versions of Apple macOS Tahoe 26.3 and earlier contained a security vulnerability. This vulnerability stemmed from parsing issues with directory path handling, which could allow applications t...

CVE-2025-65127

Affects Shenzhen Zhibotong Electronics ZBT WE2001 (version 23.09.27). The web API component lacks session validation, enabling remote unauthenticated access to administrative information-retrieval functions via get_* calls. Attackers can retrieve device configuration data, including plaintext cre...

CVE-2024-50617

CVE-2024-50617 affects CIPPlanner CIPAce (prior to 9.17) in the File Download and Get File handler components. An authenticated user can modify the file id parameter or pass a physical file path in the URL query to retrieve files that should require data access permissions for documents, enabling...

PT-2026-7767

Name of the Vulnerable Software and Affected Versions macOS versions prior to Tahoe 26.3 Description A permissions issue existed where an application could potentially access protected user data. This was addressed through the implementation of additional restrictions. Recommendations Update to...

PT-2026-7802

Name of the Vulnerable Software and Affected Versions macOS versions prior to Tahoe 26.3 macOS versions prior to Sonoma 14.8.4 macOS versions prior to Sequoia 15.7.4 iOS versions prior to 18.7.5 iPadOS versions prior to 18.7.5 iOS versions prior to 26.3 iPadOS versions prior to 26.3 Description A...

PT-2026-7756

Name of the Vulnerable Software and Affected Versions macOS versions prior to Tahoe 26.3 Description An issue existed with how temporary files were handled, potentially allowing an application to access user-sensitive data. Recommendations Update to macOS Tahoe 26.3...

PT-2026-7762

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3. An app may be able to access sensitive user data...