CVE-2025-14108

A weakness has been identified in ZSPACE Q2C NAS up to 1.1.0210050. Affected by this issue is the function zfilev2api.OpenSafe of the file /v2/file/safe/open of the component HTTP POST Request Handler. This manipulation of the argument safedir causes command injection. It is possible to initiate...

PT-2025-12691 · H3C · H3C Magic Be18000 +4

Name of the Vulnerable Software and Affected Versions: H3C Magic NX15 versions up to V100R014 H3C Magic NX30 Pro versions up to V100R014 H3C Magic NX400 versions up to V100R014 H3C Magic R3010 versions up to V100R014 H3C Magic BE18000 versions up to V100R014 Description: A critical issue affects...

PT-2023-28996 · Arduino · Arduino Create Agent

Name of the Vulnerable Software and Affected Versions: Arduino Create Agent versions prior to 1.3.3 Description: The issue affects the endpoint "/v2/pkgs/tools/installed" and the way it handles plugin names supplied as user input. A user who has the ability to perform HTTP requests to the localho...