EUVD-2026-9518

Incorrect permission assignment world-writable file in /etc/udhcpc/default.script in International Data Casting IDC SFX2100 Satellite Receiver allows a local unprivileged attacker to potentially execute arbitrary commands with root privileges local privilege escalation and persistence via...

CVE-2026-29126

Incorrect permission assignment world-writable file in /etc/udhcpc/default.script in International Data Casting IDC SFX2100 Satellite Receiver allows a local unprivileged attacker to potentially execute arbitrary commands with root privileges local privilege escalation and persistence via...

CVE-2026-29126 World-Writable, Root Owned/Run `/etc/udhcpc/default.script` in IDC SFX2100 Satellite Receiver Leads To Potential LPE

Incorrect permission assignment world-writable file in /etc/udhcpc/default.script in International Data Casting IDC SFX2100 Satellite Receiver allows a local unprivileged attacker to potentially execute arbitrary commands with root privileges local privilege escalation and persistence via...

International Datacasting SFX2100 SuperFlex Satellite Receiver 安全漏洞

The International Datacasting SFX2100 SuperFlex Satellite Receiver is a professional broadcast-grade satellite signal receiving device from the International Datacasting company. The International Datacasting SFX2100 SuperFlex Satellite Receiver has a security vulnerability, which stems from...

Apache XML Graphics Batik代码问题漏洞

Apache XML Graphics Batik is a Java-based application from the Apache Foundation that is primarily used to process images in SVG format.Apache XML Graphics Batik is vulnerable to server-side request forgery, which is caused by a flaw in the DefaultScriptSecurity function. An attacker could exploi...

CVE-2019-18869

Leftover Debug Code in Blaauw Remote Kiln Control through v3.00r4 allows a user to execute arbitrary php code via /default.php?idx=17...

PT-2017-14843 · Tkabber · Tkabber

Name of the Vulnerable Software and Affected Versions: Tkabber version 1.1 Description: The issue concerns the default.tcl script in Tkabber, which fails to validate strings before launching a program specified by the BROWSER environment variable. This could potentially allow remote attackers to...

Microsoft IIS 4.0/5.0 Chunked Encoding Transfer Heap Overflow Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/4485/info A heap overflow condition in the 'chunked encoding transfer mechanism' related to Active Server Pages has been reported for Microsoft IIS Internet Information Services. This condition affects IIS 4.0 and IIS 5.0...

CVE-2006-6113

Monkey Boards 0.3.5 allows remote attackers to obtain sensitive information via direct requests to 1 include/adminauth.inc.php and 2 include/engine/class.compiler.php, which reveals the full path in an error message. NOTE: this issue is only an exposure if the administrator has changed the defaul...