EUVD-2025-199000

Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 firmware used by many white-labeled DVR/NVR/IPC products contains hardcoded API credentials and an OS command injection flaw in its configuration services. The web/API interface accepts HTTP/XML requests authenticated with a fixed vendor...

EUVD-2015-7643

Malware in sbrugna...

CVE-2015-7743

XML external entity vulnerability in PRTG Network Monitor before 16.2.23.3077/3078 allows remote authenticated users to read arbitrary files by creating a new HTTP XML/REST Value sensor that accesses a crafted XML file...

CVE-2015-7743

CVE-2015-7743 concerns Paessler PRTG Network Monitor. The vulnerability is an XML External Entity (XXE) expansion flaw in which authenticated users who can create a new HTTP XML/REST Value sensor can read arbitrary files on the PRTG host by supplying crafted XML. Affected versions: before 16.2.23...

CVE-2008-6712

The HTTP/XML-RPC service in Crysis 1.21 game version 1.1.1.6156 and earlier allows remote attackers to cause a denial of service crash via a long HTTP request, which triggers a NULL pointer dereference...

CVE-2008-6712

The HTTP/XML-RPC service in Crysis 1.21 game version 1.1.1.6156 and earlier allows remote attackers to cause a denial of service crash via a long HTTP request, which triggers a NULL pointer dereference...

NULL pointer in the HTTP/XML-RPC service of Crysis 1.21

Luigi Auriemma Application: Crysis http://www.ea.com/crysis/home.jsp Versions: = 1.21 1.1.1.6156 showed as gamever Platforms: Windows Bug: NULL pointer in the HTTP/XML-RPC service Exploitation: remote, versus server Date: 16 Jun 2008 Author: Luigi Auriemma e-mail: [email protected] web:...