PT-2026-35973

Name of the Vulnerable Software and Affected Versions FreeRTOS-Plus-TCP versions prior to 4.2.6 FreeRTOS-Plus-TCP versions prior to 4.4.1 Description Insufficient packet validation allows an adjacent network actor to bypass checksum and minimum-size validation. This occurs because the loopback...

SUSE CVE-2025-26260

Plenti = 0.7.16 is vulnerable to code execution. Users uploading '.svelte' files with the /postLocal endpoint can define the file name as javascript codes. The server executes the uploaded file name in host, and cause code execution...

PT-2024-7166 · Splunk · Splunk Cloud Platform +2

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.2.3 and 9.1.6 Splunk Cloud Platform versions prior to 9.2.2403.108 and 9.1.2312.205 Description: A low-privileged user without the "admin" or "power" Splunk roles could create a malicious payload through ...

TCP Ports get exhausted on the StoreFront server

StoreFront refuses to create connections and we get below events : Event ID 4231 : Request to allocate an ephemeral port number from the global TCP port space has failed due to all such ports being in use. Event ID 4227 : TCP/IP failed to establish an outgoing connection because the selected loca...

ALPINE-CVE-2024-35190

Asterisk is an open source private branch exchange and telephony toolkit. After upgrade to 18.23.0, ALL unauthorized SIP requests are identified as PJSIP Endpoint of local asterisk server. This vulnerability is fixed in 18.23.1, 20.8.1, and 21.3.1...

CVE-2023-51733

This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Identity parameter under Local endpoint settings at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the...

CVE-2023-51733 Stored Cross Site Scripting Vulnerability in Skyworth Router

This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Identity parameter under Local endpoint settings at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the...

Faronics Insight 安全漏洞

Faronics Insight is an effective classroom management tool from Faronics Canada. A security vulnerability exists in Faronics Insight version 10.0.19045 that originates from exposing a teacher's console password in plaintext via an API endpoint accessible from the local host...

PT-2023-2945 · Faronics · Faronics Insight

Name of the Vulnerable Software and Affected Versions: Faronics Insight versions 10.0.19045 Description: The issue is related to the insecure storage of credentials in the Teacher Console component of the Faronics Insight platform. This allows an attacker with physical access to the Teacher Conso...

Drag and then drop files between a Citrix session and a local endpoint

Citrix now supports Dragging and then dropping files between a Citrix session and a local endpoint. You can drag and then drop files, groups of files, directories, groups of directories, or a combination of files and directories to and from the same client on the session. This ability applies to ...