CVE-2025-11847

A null pointer dereference vulnerability in the IP settings CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50ABPM.9.6C0 and the Zyxel WX3100-T0 firmware versions through 5.50ABVL.4.8C0 could allow an authenticated attacker with administrator privileges to trigger a...

CVE-2025-11847

A null pointer dereference vulnerability in the IP settings CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50ABPM.9.6C0 and the Zyxel WX3100-T0 firmware versions through 5.50ABVL.4.8C0 could allow an authenticated attacker with administrator privileges to trigger a...

CVE-2025-11847

The CVE-2025-11847 entry describes a null pointer dereference in the IP settings CGI program of Zyxel VMG3625-T50B (firmware up to 5.50(ABPM.9.6)C0) and Zyxel WX3100-T0 (firmware up to 5.50(ABVL.4.8)C0). An authenticated administrator can trigger a denial-of-service by sending a crafted HTTP requ...

PT-2026-21641

A null pointer dereference vulnerability in the IP settings CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50ABPM.9.6C0 and the Zyxel WX3100-T0 firmware versions through 5.50ABVL.4.8C0 could allow an authenticated attacker with administrator privileges to trigger a...

Zyxel VMG3625-T50B和Zyxel WX3100-T0 代码问题漏洞

Both Zyxel VMG3625-T50B and Zyxel WX3100-T0 are products of the Chinese company Zyxel. Zyxel VMG3625-T50B is a Wi-Fi device. Zyxel WX3100-T0 is a wireless bridge. There are code vulnerabilities in versions of Zyxel VMG3625-T50B 5.50ABPM.9.6C0 and earlier, as well as Zyxel WX3100-T0 5.50ABVL.4.8C0...

CVE-2022-26999

Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the static ip settings function via the wanipstat, wanmaskstat, wangwstat, and wandns1stat parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

EUVD-2023-27544

Malicious code in bioql PyPI...

EUVD-2025-14270

Malicious code in bioql PyPI...

CVE-2025-4560 Netvision ISOinsight - Missing Authentication

The ISOinsight from Netvision has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access certain system functions. These functions include viewing the administrator list, viewing and editing IP settings, and uploading files...

C-MOR Video Surveillance 5.2401 / 6.00PL01 Cross Site Scripting

Advisory ID: SYSS-2024-021 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Versions: 5.2401, 6.00PL01 Tested Versions: 5.2401, 6.00PL01 Vulnerability Type: Persistent Cross-Site Scripting CWE-79 Risk Level: High Solution Status: Open Manufacturer Notification: 2024-04-05...

Lenovo printers license issue vulnerability

Lenovo Printers is a printer from the Chinese company Lenovo. Lenovo Printers suffers from an authorization issue vulnerability that originates from a standard user being able to directly manipulate and set printer configuration information, such as the IP of certain Lenovo printers, without...

CVE-2023-23444

Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 1112296, 1051432, 1102420, 1127487, 1121596, 1121597 allows an unauthenticated remote attacker to...

Authentication flaw

Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 1112296, 1051432, 1102420, 1127487, 1121596, 1121597 allows an unauthenticated remote attacker to...

CVE-2023-23444

CVE-2023-23444 affects SICK Flexi Classic and Flexi Soft Gateways with partnumbers: 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 1112296, 1051432, 1102420, 1127487, 1121596, 1121597. The issue is a missing authentication for a critical function that al...

CVE-2023-23444

Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 1112296, 1051432, 1102420, 1127487, 1121596, 1121597 allows an unauthenticated remote attacker to...

SICK Flexi Classic 访问控制错误漏洞

SICK FX0-GENT00000 is a security control module from SICK with a built-in Ethernet switch. A security vulnerability exists in SICK Flexi Classic, Flexi Soft Gateways that originates from a vulnerability that could allow an unauthenticated, remote attacker to change the IP settings of the device v...

PT-2023-18953 · Sick · Sick Flexi Classic +1

Name of the Vulnerable Software and Affected Versions: SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 1112296, 1051432, 1102420, 1127487, 1121596, 1121597 Description: The issue allows an...

cockpit security, bug fix, and enhancement update

264.1-1.0.1 - Remove duplicate reference to server in cockpit Orabug: 33862832 - Update documentation links Orabug: 32795691 - Make documentation links point to Oracle Linux information Orabug: 30271413 Orabug: 32013095 - Fix rendering of hwinfo page on systems with some empty memory slots Orabug...

CVE-2022-26999

Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the static ip settings function via the wanipstat, wanmaskstat, wangwstat, and wandns1stat parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

Command injection

Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the static ip settings function via the wanipstat, wanmaskstat, wangwstat, and wandns1stat parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request...