Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege control vulnerability exists in the Huawei HarmonyOS cellulardata module, which can be exploited by an attacker to compromise availability...

PT-2026-23416

Permission control vulnerability in the resource scheduling module. Impact: Successful exploitation of this vulnerability may affect service integrity...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A competitive condition vulnerability exists in the Huawei HarmonyOS Printing Module, which can be exploited by an attacker to cause availability to be...

Wagtail 跨站脚本漏洞

Wagtail is an open-source content management system CMS developed by Wagtail. Versions of Wagtail prior to 6.3.8, 7.0.6, 7.2.3, and 7.3.1 had a cross-site scripting vulnerability. This vulnerability stemmed from the confirmation messages in the Wagtail.contrib.simpletranslation module, which...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A buffer overflow vulnerability exists in the Huawei HarmonyOS scanning module, which can be exploited by an attacker to cause availability to be compromised...

PT-2026-23411

Authentication bypass vulnerability in the device authentication module. Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality...

PT-2026-23429

Buffer overflow vulnerability in the scanning module. Impact: Successful exploitation of this vulnerability may affect availability...

PT-2026-23125

Name of the Vulnerable Software and Affected Versions Net::NSCA::Client versions through 0.009002 Description Net::NSCA::Client for Perl utilizes an inadequate random number generator. Version 0.003 transitioned to using Data::Rand::Obscure instead of Crypt::Random for generating initialization...

CVE-2024-43035

Fonoster 0.5.5 before 0.6.1 allows ../ directory traversal to read arbitrary files via the /sounds/:file or /tts/:file VoiceServer endpoint. This occurs in serveFiles in mods/voice/src/utils.ts. NOTE: serveFiles exists in 0.5.5 but not in the next release, 0.6.1...

PT-2026-23422

Permission control vulnerability in the cellular data module. Impact: Successful exploitation of this vulnerability may affect availability...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A double-release vulnerability exists in the Huawei HarmonyOS window module, which can be exploited by an attacker to cause availability to be compromised...

PT-2026-23414

Double free vulnerability in the window module. Impact: Successful exploitation of this vulnerability may affect availability...

PT-2026-23118

Name of the Vulnerable Software and Affected Versions Apache::Session::Generate::MD5 versions through 1.94 Description The software generates session IDs insecurely. The default session ID generator uses an MD5 hash seeded with the built-in rand function, the epoch time, and the process ID PID. T...

FreePBX SQL注入漏洞

FreePBX is a set of tools from the FreePBX project that allow configuration of Asterisk an IP telephony system through a GUI graphical web-based interface. Versions of FreePBX prior to 16.0.10 and 17.0.5 have a SQL injection vulnerability. This vulnerability stems from multiple authenticated SQL...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A competitive condition vulnerability exists in the Huawei HarmonyOS device security management module, which can be exploited by an attacker to cause...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A competitive condition vulnerability exists in the Huawei HarmonyOS Printing Module, which can be exploited by an attacker to cause availability to be...

PT-2026-23425

Race condition vulnerability in the printing module. Impact: Successful exploitation of this vulnerability may affect availability...

PT-2026-23491

Name of the Vulnerable Software and Affected Versions FreePBX versions prior to 16.0.10 FreePBX versions prior to 17.0.5 Description FreePBX logfiles module contains several authenticated SQL injection vulnerabilities. These issues allow an attacker with valid credentials to potentially manipulat...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A conditional contention vulnerability exists in the Huawei HarmonyOS dimensioning module, which can be exploited by an attacker to cause availability to be...

📄 Honeywell Trend IQ4 Unauthenticated Add Admin

This Metasploit module exploits an insecure default configuration in Honeywell Trend IQ4 controllers. By default, these devices do not enforce authentication, allowing a remote user to enable the User Module and create a new administrative account. Note: This action permanently changes the device...