9 matches found
CediPay Affected by Improper Input Validation in Payment Processing
A vulnerability in CediPay allows attackers to bypass input validation in the transaction API. Affected users: All deployments running versions prior to the patched release. Risk: Exploitation could result in unauthorized transactions, exposure of sensitive financial data, and compromise of payme...
PT-2025-44004
Name of the Vulnerable Software and Affected Versions: BLU-IC2 versions through 1.19.5; BLU-IC4 versions through 1.19.5 Description: The software allows for the disclosure of email passwords. The issue affects Azure Access Tech BLU-IC2 and BLU-IC4. It is recommended to restrict access and enable...
PT-2025-32354 · Mobile Industrial Robots
Name of the Vulnerable Software and Affected Versions: Mobile Industrial Robots MiR versions prior to 3.0.0 Description: A path traversal vulnerability exists in an API endpoint within Mobile Industrial Robots MiR software. Authenticated users can extract files from the robot file system by...
CVE-2025-1094
A flaw was found in PostgreSQL. Due to improper neutralization of quoting syntax, affected versions potentially allow a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection requires the application to use the affected function's result to constru...
CVE-2024-50585
Users who click on a malicious link or visit a website under the control of an attacker can be infected with arbitrary JavaScript which is running in the context of the "Numerix License Server Administration System Login" nlslogin.jsp page. The vulnerability can be triggered by sending a speciall...
CVE-2024-50585
CVE-2024-50585 affects the Numerix License Server (Numerix, Inc.). Users who click a malicious link or visit an attacker-controlled site can have arbitrary JavaScript executed in the context of the Numerix License Server Administration System Login (nlslogin.jsp) page. The vulnerability can be tr...
PT-2023-3604
Name of the Vulnerable Software and Affected Versions: Copyparty versions prior to 1.8.2 Description: The issue is related to a path traversal vulnerability detected in the .cpr subfolder, allowing an attacker to access files, directories, and commands outside the web document root directory. Thi...
PT-2022-13939 · Gruntjs +3
Name of the Vulnerable Software and Affected Versions: GruntJS versions prior to 1.5.3 Description: The issue concerns a TOCTOU (Time-of-Check-to-Time-of-Use) race condition in file.copy operations. This can lead to arbitrary file writes, potentially resulting in local privilege escalation if a...
How to Save CDF Monitor Logs On A UNC Network Share
Due to local disk space constraints, or for non-persistent VDAs, an administrator may want to save the CDF Monitor logs on a UNC network share...