18 matches found
CVE-2026-28211
The NVDA Dev & Test Toolbox is an NVDA add-on for gathering tools to help NVDA development and testing. A vulnerability exists in versions 2.0 through 8.0 in the Log Reader feature of this add-on. A maliciously crafted log file can lead to arbitrary code execution when a user reads it with log...
CVE-2026-28211
The NVDA Dev & Test Toolbox is an NVDA add-on for gathering tools to help NVDA development and testing. A vulnerability exists in versions 2.0 through 8.0 in the Log Reader feature of this add-on. A maliciously crafted log file can lead to arbitrary code execution when a user reads it with log...
CVE-2026-28211
The CVE affects the NVDA Dev & Test Toolbox add-on (Log Reader feature) with versions 2.0–8.0. Reading a crafted log file via log reading commands triggers unsafe evaluation of Python expressions embedded in log entries, allowing attacker-controlled code to execute with the current user’s privile...
CVE-2026-28211 Arbitrary code execution in log reader via untrusted log file
The NVDA Dev & Test Toolbox is an NVDA add-on for gathering tools to help NVDA development and testing. A vulnerability exists in versions 2.0 through 8.0 in the Log Reader feature of this add-on. A maliciously crafted log file can lead to arbitrary code execution when a user reads it with log...
CVE-2026-28211 Arbitrary code execution in log reader via untrusted log file
The NVDA Dev & Test Toolbox is an NVDA add-on for gathering tools to help NVDA development and testing. A vulnerability exists in versions 2.0 through 8.0 in the Log Reader feature of this add-on. A maliciously crafted log file can lead to arbitrary code execution when a user reads it with log...
CVE-2026-28211
The NVDA Dev & Test Toolbox is an NVDA add-on for gathering tools to help NVDA development and testing. A vulnerability exists in versions 2.0 through 8.0 in the Log Reader feature of this add-on. A maliciously crafted log file can lead to arbitrary code execution when a user reads it with log...
CVE-2026-28211 Arbitrary code execution in log reader via untrusted log file
The NVDA Dev & Test Toolbox is an NVDA add-on for gathering tools to help NVDA development and testing. A vulnerability exists in versions 2.0 through 8.0 in the Log Reader feature of this add-on. A maliciously crafted log file can lead to arbitrary code execution when a user reads it with log...
EUVD-2026-8910
The NVDA Dev & Test Toolbox is an NVDA add-on for gathering tools to help NVDA development and testing. A vulnerability exists in versions 2.0 through 8.0 in the Log Reader feature of this add-on. A maliciously crafted log file can lead to arbitrary code execution when a user reads it with log...
PT-2026-22208
Name of the Vulnerable Software and Affected Versions NVDA Dev & Test Toolbox versions 2.0 through 8.0 Description A security issue exists in the Log Reader feature of the NVDA Dev & Test Toolbox add-on. Maliciously crafted log files can lead to arbitrary code execution when a user reads them usi...
NVDA Dev & Test Toolbox 安全漏洞
NVDA Dev & Test Toolbox is a debugging and testing tool developed by Cyrille Bougot as an individual contributor. Versions 2.0 to 8.0 of NVDA Dev & Test Toolbox contain security vulnerabilities. These vulnerabilities stem from the log reader’s handling of Python expressions in log files in an...
CVE-2026-1495
The vulnerability, if exploited, could allow an attacker with Event Log Reader S-1-5-32-573 privileges to obtain proxy details, including URL and proxy credentials, from the PI to CONNECT event log files. This could enable unauthorized access to the proxy server...
CVE-2026-1495
The vulnerability, if exploited, could allow an attacker with Event Log Reader S-1-5-32-573 privileges to obtain proxy details, including URL and proxy credentials, from the PI to CONNECT event log files. This could enable unauthorized access to the proxy server...
CVE-2026-1495 Insertion of Sensitive Information into Log File vulnerability in AVEVA PI to CONNECT Agent
The vulnerability, if exploited, could allow an attacker with Event Log Reader S-1-5-32-573 privileges to obtain proxy details, including URL and proxy credentials, from the PI to CONNECT event log files. This could enable unauthorized access to the proxy server...
CVE-2026-1495
The vulnerability, if exploited, could allow an attacker with Event Log Reader S-1-5-32-573 privileges to obtain proxy details, including URL and proxy credentials, from the PI to CONNECT event log files. This could enable unauthorized access to the proxy server...
CVE-2026-1495
CVE-2026-1495 concerns an information-insertion vulnerability in AVEVA PI to CONNECT Agent. The CVE describes that an attacker with Event Log Reader privileges (S-1-5-32-573) can access proxy details, including the proxy URL and credentials, from the PI to CONNECT event log files. This could enab...
PT-2026-7470
Name of the Vulnerable Software and Affected Versions affected versions not specified Description A security issue exists where an attacker with Event Log Reader S-1-5-32-573 privileges may be able to obtain proxy details, including the URL and proxy credentials, from PI to CONNECT event log file...
NASCENT RemKon Device Manager 路径遍历漏洞
NASCENT RemKon Device Manager is a NASCENT web application deployed in logistics centers as a single management platform for managing various settings and configurations of Automatic Gate Systems AGS and other Nascent products. A security vulnerability exists in NASCENT RemKon Device Manager...
SAP Fiori Client Code Execution Vulnerability
SAP Fiori Client is a client program from SAP Germany for running the SAP Fiori Launchpad on mobile devices. A code execution vulnerability exists in SAP Fiori Client that can be exploited by an attacker to execute malicious JavaScript code in an embedded log reader...