VulnCheck KEV: CVE-2025-1448

A vulnerability was found in Synway SMG Gateway Management Software up to 20250204. It has been rated as critical. This issue affects some unknown processing of the file 9-12ping.php. The manipulation of the argument retry leads to command injection. The attack may be initiated remotely. The...

CVE-2026-0977

IBM CICS Transaction Gateway for Multiplatforms 9.3 and 10.1 could allow a user to transfer or view files due to improper access controls...

MAL-2025-4385 Malicious code in payment-gateway-internal (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4e9150cc48f5c4ea4e3d53aeeba789b513dcfb174ba1f74dfc1b3f5272aadc5a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Enphase Envoy

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Enphase Equipment: Envoy Vulnerability: OS Command Injection 2. UPDATE OR REPOSTED INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-23-171-01 Enphase Envoy that was...

Configure "-denySSLReneg" Parameter to Disable Client Side and Server Side SSL Renegotiation on ADC

This article describes the configuration and use of -denySSLReneg parameter that is recently added to Citrix ADC appliance firmware and Citrix Gateway application software...

CVE-2019-11603

A HTTP Traversal Attack in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.0.2 allows remote attackers to read files outside the http root...

CVE-2019-11601

A directory traversal vulnerability in remote access to backup & restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to write or delete files at any location...

CVE-2019-11601

A directory traversal vulnerability in remote access to backup & restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to write or delete files at any location...

CVE-2019-11602

Leakage of stack traces in remote access to backup & restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to gather information about the file system structure...

Design/Logic Flaw

Leakage of stack traces in remote access to backup & restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to gather information about the file system structure...

Directory traversal

A directory traversal vulnerability in remote access to backup & restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to write or delete files at any location...

Design/Logic Flaw

A HTTP Traversal Attack in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.0.2 allows remote attackers to read files outside the http root...

CVE-2019-11603 Path traversal in ProSyst mBS SDK and Bosch IoT Gateway Software

A HTTP Traversal Attack in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.0.2 allows remote attackers to read files outside the http root...

CVE-2019-11602 Leakage of stack traces in the backup & restore functionality of ProSyst mBS SDK and Bosch IoT Gateway Software

Leakage of stack traces in remote access to backup & restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to gather information about the file system structure...

CVE-2019-11602

This CVE affects older releases of ProSyst mBS SDK and Bosch IoT Gateway Software, where remote access to backup and restore leaks stack traces that reveal filesystem structure. Affected components are the backup/restore functionality in ProSyst mBS SDK prior to 8.2.6 and Bosch IoT Gateway Softwa...

CVE-2019-11601

This CVE describes a directory traversal vulnerability in the remote access to the backup and restore functionality of ProSyst mBS SDK and Bosch IoT Gateway Software. Affected products and versions: ProSyst mBS SDK before 8.2.6; Bosch IoT Gateway Software before 9.2.0. Root cause, as stated in th...

CVE-2019-11601 Path traversal in the backup & restore functionality of ProSyst mBS SDK and Bosch IoT Gateway Software

A directory traversal vulnerability in remote access to backup & restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to write or delete files at any location...

CVE-2019-11897 Server-side request forgery in the backup & restore functionality of ProSyst mBS SDK and Bosch IoT Gateway Software

A Server-Side Request Forgery SSRF vulnerability in the backup & restore functionality in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.3.0 allows a remote attacker to forge GET requests to arbitrary URLs. In addition, this could potentially allow an attacker to rea...

CVE-2019-11897

The CVE-2019-11897 issue is a Server-Side Request Forgery (SSRF) in the backup & restore functionality of older ProSyst mBS SDK releases (before 8.2.6) and Bosch IoT Gateway Software (before 9.3.0). The vulnerability allows a remote attacker to forge GET requests to arbitrary URLs, potentially en...

CVE-2018-18394

Sensitive Information Stored in Clear Text in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1...