CVE-2026-22316

A remote attacker with user privileges for the webUI can use the setting of the TFTP Filename with a POST Request to trigger a stack-based Buffer Overflow, resulting in a DoS attack...

CVE-2025-27845

In ESPEC North America Web Controller 3 before 3.3.4, /api/v4/auth/ with any invalid authentication request results in exposing a JWT secret. This allows for elevated permissions to the UI...

CVE-2023-22951

An issue was discovered in TigerGraph Enterprise Free Edition 3.x. It creates an authentication token for internal systems use. This token can be read from the configuration file. Using this token on the REST API provides an attacker with anonymous admin-level privileges on all REST API endpoints...

ZTE NH8091 安全漏洞

ZTE NH8091 is a modem from ZTE Corporation ZTE, China. A security vulnerability exists in the ZTE NH8091 V1.8 version, which originates from improper control of the Web module interface privileges and can be exploited by an authenticated attacker to execute arbitrary commands...

Vulnerabilities fixed Juniper Junos OS

Juniper has fixed several vulnerabilities in Junos OS. The vulnerabilities allow a malicious party to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Spoofing Increased user privileges Because these are...