PT-2026-7941

Centova Cast 3.2.12 contains a denial of service vulnerability that allows attackers to overwhelm the system by repeatedly calling the database export API endpoint. Attackers can trigger 100% CPU load by sending multiple concurrent requests to the /api.php endpoint with crafted parameters...

PT-2026-7884

Computrols CBAS-Web 19.0.0 contains a boolean-based blind SQL injection vulnerability in the 'id' parameter that allows authenticated attackers to manipulate database queries. Attackers can exploit the vulnerability by crafting boolean-based SQL injection payloads in the 'id' parameter of the...

PT-2026-7888

Name of the Vulnerable Software and Affected Versions newbee-mall affected versions not specified Description The software stores and verifies user passwords using an unsalted MD5 hashing algorithm. This implementation lacks per-user salts and computational cost controls. Attackers obtaining...

newbee-mall 信任管理问题漏洞

newbee-mall is an e-commerce system developed under open source by newbee. newbee-mall has a vulnerability related to trust management. This vulnerability stems from the database initialization script, which includes pre-set administrator accounts with predictable default passwords. This allows...

Tracking the Trackers: Commercial Surveillance Occurring on U.S. Army Networks

Despite current security implementations, Internet activity on DoD networks is susceptible to web trackers and commercial data collection, which have the potential to expose information about service members and unit operations. This report documents the outcomes of a study to characterize web...

Centova Cast 安全漏洞

Centova Cast is an internet-based broadcast streaming media management control panel developed by Centova Corporation in Canada. Version 3.2.12 of Centova Cast contains a security vulnerability. This vulnerability stems from the repeated invocation of the database export API endpoint, which could...

openSUSE 16 Security Update : orthanc, gdcm, orthanc-authorization, orthanc-dicomweb, orthanc-gdcm, orthanc-indexer, orthanc-mysql, orthanc-neuro, orthanc-postgresql, orthanc-python, orthanc-stl, orthanc-tcia, orthanc-wsi, python-pyorthanc (openSUSE-SU-2026:20193-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20193-1 advisory. Changes in orthanc: - dcmtk 370 breaks TW build - switch to lua 5.4 - patch out boost component system from framework - version 1.12.10 ' long...

Microsoft Configuration Manager SQL Injection Vulnerability

Microsoft Configuration Manager contains an SQL injection vulnerability. An unauthenticated attacker could exploit this vulnerability by sending specially crafted requests to the target environment which are processed in an unsafe manner enabling the attacker to execute commands on the server...

CVE-2020-37186

Chevereto 3.13.4 Core contains a remote code execution vulnerability that allows attackers to inject malicious code during database configuration installation. Attackers can manipulate the database table prefix parameter to write a PHP shell file and execute arbitrary system commands through a...

CVE-2020-37186

Chevereto 3.13.4 Core contains a remote code execution vulnerability that allows attackers to inject malicious code during database configuration installation. Attackers can manipulate the database table prefix parameter to write a PHP shell file and execute arbitrary system commands through a...

CVE-2020-37104

ASTPP 4.0.1 contains an information disclosure vulnerability that allows unauthenticated attackers to download database backup files by predicting backup filename patterns. Attackers can generate a list of 6-digit PIN combinations and fuzz the backup download URL to exfiltrate sensitive database...

CVE-2020-37104

ASTPP 4.0.1 contains an information disclosure vulnerability that allows unauthenticated attackers to download database backup files by predicting backup filename patterns. Attackers can generate a list of 6-digit PIN combinations and fuzz the backup download URL to exfiltrate sensitive database...

CVE-2020-37104 ASTPP 4.0.1 VoIP Billing - Database Backup Download

ASTPP 4.0.1 contains an information disclosure vulnerability that allows unauthenticated attackers to download database backup files by predicting backup filename patterns. Attackers can generate a list of 6-digit PIN combinations and fuzz the backup download URL to exfiltrate sensitive database...

CVE-2020-37104

CVE-2020-37104 affects ASTPP 4.0.1 and describes an information disclosure where unauthenticated attackers can download database backup files by predicting 6‑digit PINs and fuzzing the backup download URL under /database_backup/. The vulnerability relates to information exposure of sensitive data...

CVE-2020-37104 ASTPP 4.0.1 VoIP Billing - Database Backup Download

ASTPP 4.0.1 contains an information disclosure vulnerability that allows unauthenticated attackers to download database backup files by predicting backup filename patterns. Attackers can generate a list of 6-digit PIN combinations and fuzz the backup download URL to exfiltrate sensitive database...

CVE-2020-37186

CVE-2020-37186 affects Chevereto 3.13.4 Core. The vulnerability arises in the database configuration installation where the database table prefix parameter can be manipulated to write a PHP shell file and execute arbitrary system commands via a crafted POST request. Impact is high: remote code ex...

fontforge: FontForge: Remote Code Execution via Use-After-Free in SFD file parsing

A flaw was found in FontForge. This use-after-free vulnerability, occurring during the parsing of SFD Spline Font Database files, allows a remote attacker to execute arbitrary code. Successful exploitation requires user interaction, such as opening a specially crafted malicious file or visiting a...

CVE-2026-2250

The /dbviewer/ web endpoint in METIS WIC devices is exposed without authentication. A remote attacker can access and export the internal telemetry SQLite database containing sensitive operational data. Additionally, the application is configured with debug mode enabled, causing malformed requests...

CVE-2026-2250 Unauthenticated Data Export and Source Code Disclosure via /dbviewer/ in METIS WIC

The /dbviewer/ web endpoint in METIS WIC devices is exposed without authentication. A remote attacker can access and export the internal telemetry SQLite database containing sensitive operational data. Additionally, the application is configured with debug mode enabled, causing malformed requests...

CVE-2026-2250 Unauthenticated Data Export and Source Code Disclosure via /dbviewer/ in METIS WIC

The /dbviewer/ web endpoint in METIS WIC devices is exposed without authentication. A remote attacker can access and export the internal telemetry SQLite database containing sensitive operational data. Additionally, the application is configured with debug mode enabled, causing malformed requests...