CVE-2026-7412

In Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, the Operation Delegation feature fails to validate the destination URI of delegated requests. An unauthenticated remote attacker can exploit this design flaw to force the BaSyx server to execute blind HTTP POST requests to...

CVE-2026-7412

In Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, the Operation Delegation feature fails to validate the destination URI of delegated requests. An unauthenticated remote attacker can exploit this design flaw to force the BaSyx server to execute blind HTTP POST requests to...

PT-2026-39184

Name of the Vulnerable Software and Affected Versions Nginx UI versions prior to 2.3.5 Description An authenticated user can perform Server-Side Request Forgery SSRF by creating a cluster node that points to an arbitrary internal URL and sending API requests with the X-Node-ID header. The Proxy...

PT-2022-6636 · Cisco · Cisco Wireless Lan Controller +1

Name of the Vulnerable Software and Affected Versions: Cisco Aironet Access Points affected versions not specified Cisco Wireless LAN Controller WLC affected versions not specified Description: The issue is related to insufficient access control in the software of Cisco Aironet Access Points and...

CVE-2005-4440

The 802.1q VLAN protocol allows remote attackers to bypass network segmentation and spoof VLAN traffic via a message with two 802.1q tags, which causes the second tag to be redirected from a downstream switch after the first tag has been stripped, as demonstrated by Yersinia, aka "double-tagging...