680 matches found
Edimax EW-7438RPn-v3 Mini 操作系统命令注入漏洞
The Edimax EW-7438RPn-v3 Mini is a mini wireless signal extender produced by Edimax of Taiwan, China. Version 1.27 of the Edimax EW-7438RPn-v3 Mini has a vulnerability related to operating system command injection. This vulnerability stems from remote command execution at the /goform/mp endpoint,...
PT-2026-6569
Edimax EW-7438RPn-v3 Mini 1.27 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands through the /goform/mp endpoint. Attackers can exploit the vulnerability by sending crafted POST requests with command injection payloads to download a...
MINI-MP8G-WVGM-787X
Bulletin has no description...
com.foxinmy:easemob4j (>=1.1.0 <=1.1.3), com.foxinmy:umeng4j (>=1.1.0 <=1.1.3) +13 more potentially affected by CVE-2026-24819 via com.foxinmy:weixin4j-base (>=1.0 <=1.9.1)
com.foxinmy:weixin4j-base MAVEN version =1.0, =1.1.0, =1.1.0, =1.9.0, =1.4, =1.0, =1.9.0, =1.4, =1.0, =1.8.0, =1.0.9-RELEASE, =0.0.2, =0.0.3 - org.oxerr:spring-security-wechat-samples-helloworld =0.0.1 Source cves: CVE-2026-24819 Source advisory: SNYK:JAVA-COMFOXINMY-15128702...
Azure Linux 3.0 Security Update: kernel (CVE-2025-23141)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-23141 advisory. - In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Acquire SRCU in KVMGETMPSTATE ...
CVE-2022-50808 CoolerMaster MasterPlus 1.8.5 - 'MPService' Unquoted Service Path
CoolerMaster MasterPlus 1.8.5 contains an unquoted service path vulnerability in the MPService that allows local attackers to execute code with elevated system privileges. Attackers can drop a malicious executable in the service path and trigger code execution during service startup or system...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: mailbox: zynqmp-ipi: Fixed an issue of out-of-bounds access during the mailbox cleanup loop. The cleanup loop was initially running at the wrong array index, leading to out-of-bounds access. The loop now starts at the correct ind...
CVE-2021-22742
Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex Model 3009 MP installed on Tricon V11.3.x systems that could cause module reset when TCM receives malformed TriStation packets while the write-protect keyswitch is in the program position...
CVE-2019-18203
On the RICOH MP 501 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn and KeyDisplay parameter to /web/entry/en/address/adrsSetUserWizard.cgi...
CVE-2020-7591
A vulnerability has been identified in SIPORT MP All versions 3.2.1. Vulnerable versions of the device could allow an authenticated attacker to impersonate other users of the system and perform potentially administrative actions on behalf of those users if the single sign-on feature "Allow logon...
CVE-2023-7332
PocketMine-MP versions prior to 4.18.1 contain an improper input validation vulnerability in inventory transaction handling. A remote attacker with a valid player session can request that the server drop more items than are available in the player's hotbar, triggering a server crash and resulting...
CVE-2023-7332
PocketMine-MP versions prior to 4.18.1 contain an improper input validation vulnerability in inventory transaction handling. A remote attacker with a valid player session can request that the server drop more items than are available in the player's hotbar, triggering a server crash and resulting...
CVE-2023-7332
PocketMine-MP versions prior to 4.18.1 contain an improper input validation vulnerability in inventory transaction handling. A remote attacker with a valid player session can request that the server drop more items than are available in the player's hotbar, triggering a server crash and resulting...
CVE-2023-7332 PocketMine-MP < 4.18.1 Improper Validation of Dropped Item Count Allows Remote Server Crash
PocketMine-MP versions prior to 4.18.1 contain an improper input validation vulnerability in inventory transaction handling. A remote attacker with a valid player session can request that the server drop more items than are available in the player's hotbar, triggering a server crash and resulting...
EUVD-2023-1817
PocketMine-MP versions prior to 4.18.1 contain an improper input validation vulnerability in inventory transaction handling. A remote attacker with a valid player session can request that the server drop more items than are available in the player's hotbar, triggering a server crash and resulting...
CVE-2023-7332
PocketMine-MP (server software for Minecraft: Bedrock) is affected in versions prior to 4.18.1 by an improper input validation flaw in inventory transaction handling. The root cause is inadequate validation in the handling of dropped items during an inventory transaction, which allows a remote at...
CVE-2023-7332 PocketMine-MP < 4.18.1 Improper Validation of Dropped Item Count Allows Remote Server Crash
PocketMine-MP versions prior to 4.18.1 contain an improper input validation vulnerability in inventory transaction handling. A remote attacker with a valid player session can request that the server drop more items than are available in the player's hotbar, triggering a server crash and resulting...
PocketMine-MP 安全漏洞
PocketMine-MP is a game server software from PMMP Open Source. A security vulnerability exists in PocketMine-MP versions prior to 4.18.1, which stems from improper input validation in inventory transaction processing, and could lead to a remote attacker triggering a server crash and resulting in ...
PT-2025-54457
Name of the Vulnerable Software and Affected Versions PocketMine-MP versions prior to 4.18.1 Description PocketMine-MP versions prior to 4.18.1 have an issue with how input is checked when handling inventory transactions. A remote attacker who has a valid player session can ask the server to drop...
Media Player MP-01 vulnerable to Missing Authentication for Critical Function
Overview NEC branded Media Player MP-01 manufactured by Sharp Display Solutions, Ltd. contains the following vulnerability. Missing Authentication for Critical Function CWE-306 - CVE-2025-12049 Souvik Kandar of MicroSec microsec.io discovered and reported the vulnerability to the developer and...