91 matches found
EUVD-2025-3163
Malicious code in bioql PyPI...
CVE-2024-13982
SPON IP Network Broadcast System, a digital audio transmission platform developed by SPON Communications, contains an arbitrary file read vulnerability in the rjgettoken.php endpoint. The flaw arises from insufficient input validation on the jsondataurl parameter, which allows attackers to perfor...
CVE-2024-28957
Generation of predictable identifiers issue exists in Cente middleware TCP/IP Network Series. If this vulnerability is exploited, a remote unauthenticated attacker may interfere communications by predicting some packet header IDs of the device...
CVE-2024-3218
A vulnerability classified as critical has been found in Shibang Communications IP Network Intercom Broadcasting System 1.0. This affects an unknown part of the file /php/busyscreenshotpush.php. The manipulation of the argument jsondatacallee/jsondataimagename leads to path traversal: '../filedir...
CVE-2013-4735
The Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 have a default password for an administrative account, which makes it easier for remote attackers to obtain access via an IP network...
Eclipse ThreadX NetX Duo HTTP server denial of service vulnerability
Talos Vulnerability Report TALOS-2024-2098 Eclipse ThreadX NetX Duo HTTP server denial of service vulnerability April 14, 2025 CVE Number CVE-2025-2260,None SUMMARY A denial of service vulnerability exists in the NetX HTTP server functionality of Eclipse ThreadX NetX Duo git commit 6c8e9d1. A...
CVE-2025-23406
Out-of-bounds read vulnerability caused by improper checking of TCP MSS option values exists in Cente middleware TCP/IP Network Series, which may lead to processing a specially crafted packet to cause the affected product crashed...
CVE-2025-23406
Out-of-bounds read vulnerability caused by improper checking of TCP MSS option values exists in Cente middleware TCP/IP Network Series, which may lead to processing a specially crafted packet to cause the affected product crashed...
Low: Red Hat Security Advisory: openldap security update
An update for openldap is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
CVE-2024-7467
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90 and classified as critical. Affected by this issue is the function sslvpnconfigmod of the file /vpn/listipnetwork.php of the component Web Interface. The manipulation of the argument template/stylenum leads to os...
ALSA-2024:4264 Low: openldap security update
OpenLDAP is an open-source suite of Lightweight Directory Access Protocol LDAP applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. Security Fixes: openldap: null pointer dereference in bermemallo...
Low: openldap security update
OpenLDAP is an open-source suite of Lightweight Directory Access Protocol LDAP applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. Security Fixes: openldap: null pointer dereference in bermemallo...
CVE-2024-6003 Guangdong Baolun Electronics IP Network Broadcasting Service Platform maps sql injection
A vulnerability was found in Guangdong Baolun Electronics IP Network Broadcasting Service Platform 2.0. It has been classified as critical. Affected is an unknown function of the file /api/v2/maps. The manipulation of the argument orderColumn leads to sql injection. It is possible to launch the...
CVE-2024-6003
CVE-2024-6003 affects Guangdong Baolun Electronics IP Network Broadcasting Service Platform 2.0. The vulnerability is in an unknown function of the file /api/v2/maps, caused by manipulation of the argument orderColumn that leads to SQL injection . It can be exploited remotely, and the exploit has...
Guangdong Baolun Electronics IP Network Broadcasting Service Platform SQL Injection Vulnerability
Guangdong Baolun Electronics IP Network Broadcasting Service Platform is an electronic IP network broadcasting service platform of Guangdong Baolun Electronics, China. A SQL injection vulnerability exists in the Guangdong Baolun Electronics IP Network Broadcasting Service Platform version 2.0,...
CVE-2024-31680
File Upload vulnerability in Shibang Communications Co., Ltd. IP network intercom broadcasting system v.1.0 allows a local attacker to execute arbitrary code via the myparser.php component...
CVE-2024-31680
File Upload vulnerability in Shibang Communications Co., Ltd. IP network intercom broadcasting system v.1.0 allows a local attacker to execute arbitrary code via the myparser.php component...
CVE-2024-31680
File Upload vulnerability in Shibang Communications Co., Ltd. IP network intercom broadcasting system v.1.0 allows a local attacker to execute arbitrary code via the myparser.php component...
CVE-2024-31680
CVE-2024-31680 affects Shibang Communications Co., Ltd. IP network intercom broadcasting system version 1.0. The vulnerability is a file upload flaw in the my_parser.php component, enabling a local attacker to execute arbitrary code. The available documents consistently describe this risk as a lo...
CVE-2024-23911
Out-of-bounds read vulnerability caused by improper checking of the option length values in IPv6 NDP packets exists in Cente middleware TCP/IP Network Series, which may allow an unauthenticated attacker to stop the device operations by sending a specially crafted packet...