CVE-2025-11545

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Sharp Display Solutions projectors allows a attacker may improperly access the HTTP server and execute arbitrary actions...

EUVD-2025-22908

Malicious code in bioql PyPI...

CVE-2025-30133

An issue was discovered on IROAD Dashcam FX2 devices. Bypass of Device Pairing/Registration can occur. It requires device registration via the "IROAD X View" app for authentication, but its HTTP server lacks this restriction. Once connected to the dashcam's Wi-Fi network via the default password...

CVE-2023-24433

Missing permission checks in Jenkins Orka by MacStadium Plugin 1.31 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

Jenkins Plugin Synopsys Coverity 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

CVE-2021-40694

Insufficient escaping of the LaTeX preamble made it possible for site administrators to read files available to the HTTP server system account...

Alchemy Eye/Network Monitor Traversal Arbitrary Command Execution

Alchemy Eye and Alchemy Network Monitor are network management tools for Microsoft Windows. The product contains a built-in HTTP server for remote monitoring and control. This HTTP server allows arbitrary commands to be run on the server by a remote attacker. %NASLMINLEVEL 70300 This script was...