CVE-2025-67278

An issue in TIM Solution GmbH TIM BPM Suite & TIM FLOW before v.9.1.2 allows a remote attacker to escalate privileges via a crafted HTTP request...

CVE-2026-22026

CVE-2026-22026 affects CryptoLib prior to 1.4.3. The vulnerability is in the libcurl write_callback used by the KMC crypto service client, where HTTP response buffers can be reallocated without size checks, allowing a malicious KMC server to send arbitrarily large responses and cause unbounded me...

CVE-2023-50089

A Command Injection vulnerability exists in NETGEAR WNR2000v4 version 1.0.0.70. When using HTTP for SOAP authentication, command execution occurs during the process after successful authentication...

CVE-2021-31922

An HTTP Request Smuggling vulnerability in Pulse Secure Virtual Traffic Manager before 21.1 could allow an attacker to smuggle an HTTP request through an HTTP/2 Header. This vulnerability is resolved in 21.1, 20.3R1, 20.2R1, 20.1R2, 19.2R4, and 18.2R3...

CVE-2023-4393

HTML and SMTP injections on the registration page of LiquidFiles versions 3.7.13 and below, allow an attacker to perform more advanced phishing attacks against an organization...

CVE-2025-14887

The twinklesmtp – Email Service Provider For WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin's sender settings in all versions up to, and including, 1.03 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

CVE-2021-2419

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. The supported version that is affected is 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

EUVD-2026-1188

urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP...

Access of Resource Using Incompatible Type ('Type Confusion')

Overview preact is a fast 3kB alternative to React with the same modern API. Affected versions of this package are vulnerable to Access of Resource Using Incompatible Type 'Type Confusion' during rendering in the vnode constructor. An attacker can inject arbitrary HTML or execute scripts by...

CVE-2026-22543

The credentials required to access the device's web server are sent in base64 within the HTTP headers. Since base64 is not considered a strong cipher, an attacker could intercept the web request handling the login and obtain the credentials...

PT-2026-2205

Name of the Vulnerable Software and Affected Versions affected versions not specified Description The credentials needed to access the device’s web server are transmitted in base64 within the HTTP headers. Base64 encoding is not a secure encryption method, allowing an attacker intercepting the we...

CVE-2025-15022

Action captions in Vaadin accept HTML by default but were not sanitized, potentially allowing Cross-site Scripting XSS if caption content is derived from user input. In Vaadin Framework 7 and 8, the Action class is a general-purpose class that may be used by multiple components. The fixed version...

HTTP Fetch, Linux Command Shell, Reverse TCP Inline

Fetch and execute an RISC-V 64-bit payload from an HTTP server. Connect back to attacker and spawn a command shell. Module Options msf use payload/cmd/linux/http/riscv64le/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf...

HTTP Fetch, Linux Command Shell, Reverse TCP Inline

Fetch and execute an RISC-V 32-bit payload from an HTTP server. Connect back to attacker and spawn a command shell. Module Options msf use payload/cmd/linux/http/riscv32le/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf...

Passy 安全漏洞

Passy is a physical access management platform from Passy, an Italian company. A security vulnerability exists in Passy version 1.6.3 that originates from a specially crafted HTTP request and could lead to the execution of arbitrary commands...

PT-2026-21573

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 145.0.7632.116 Description An out-of-bounds read issue existed in the Media component of Google Chrome. This allowed a remote attacker to potentially read memory outside of the intended boundaries by tricking a...

PT-2026-6747

Name of the Vulnerable Software and Affected Versions Asterisk versions prior to 20.7-cert9 Asterisk versions prior to 20.18.2 Asterisk versions prior to 21.12.1 Asterisk versions prior to 22.8.2 Asterisk versions prior to 23.2.2 Description Asterisk is a private branch exchange and telephony...

PT-2026-21708

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 148 Firefox ESR versions prior to 115.33 Firefox ESR versions prior to 140.8 Thunderbird versions prior to 148 Thunderbird versions prior to 140.8 Description A mitigation bypass exists in the DOM: HTML Parser...

PT-2025-54243

Name of the Vulnerable Software and Affected Versions SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and earlier Description The software contains a conditional command injection issue. Local authenticated users can create malicious files in the /tmp directory. Unauthenticated attackers can execute...

TrueConf Server 安全漏洞

TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. A security vulnerability exists in TrueConf server version 5.5.2.10813, which stems from the presence of HTML injection in the meeting description field, which could lead to the injection o...