
70 matches found

RedhatCVE
added 3 days ago | 5 views

CVE-2026-40830

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the admin.mbnetj.php files UpdateParam function due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical...

CVSS 7 | AI score 5.8 | EPSS 0.00043
Exploits 0 | References 1

NVD
added 2026/05/27 9:16 a.m. | 13 views

CVE-2026-40834

A low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dashlayout.php files saveDashboardLayout function due to improper neutralization of special elements in a SQL INSERT command allowing for reading the whole database and inserting entries into a non...

CVSS 7.1 | EPSS 0.00039
Exploits 0 | References 1

NVD
added 2026/05/27 9:16 a.m. | 13 views

CVE-2026-40833

A low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dash.php files saveDashboardLayout function due to improper neutralization of special elements in a SQL INSERT command allowing for reading the whole database and inserting entries into a non...

CVSS 7.1 | EPSS 0.00039
Exploits 0 | References 1

Cvelist
added 2026/05/27 7:55 a.m. | 23 views

CVE-2026-40834 Authenticated SQLi in saveDashboardLayout function

A low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dashlayout.php files saveDashboardLayout function due to improper neutralization of special elements in a SQL INSERT command allowing for reading the whole database and inserting entries into a non...

CVSS 7.1 | EPSS 0.00039
Exploits 0 | References 1

Cvelist
added 2026/05/27 7:53 a.m. | 24 views

CVE-2026-40828 Authenticated SQLi in DeleteSysLogEntry function

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the DeleteSysLogEntry function due to improper neutralization of special elements in a SQL DELETE command allowing for reading the whole database and deleting entries in a non critical table. This can...

CVSS 7 | EPSS 0.00043
Exploits 0 | References 1

ATTACKERKB
added 2026/05/27 7:53 a.m. | 8 views

CVE-2026-40828

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the DeleteSysLogEntry function due to improper neutralization of special elements in a SQL DELETE command allowing for reading the whole database and deleting entries in a non critical table. This can...

CVSS 7 | AI score 6 | EPSS 0.00043
Exploits 0 | References 2 | Affected Software 4

CVE
added 2026/05/27 7:52 a.m. | 10 views

CVE-2026-40825

CVE-2026-40825 describes an unauthenticated SQL Injection in the accountstatus view devices parameter. The vulnerability arises from improper neutralization of special elements in a SQL UPDATE command, enabling reading the entire database and altering values in a non-critical table. Reported impa...

CVSS 7 | AI score 6 | EPSS 0.00043
Exploits 0 | References 1

CVE
added 2026/05/27 7:50 a.m. | 10 views

CVE-2026-40824

CVE-2026-40824 describes an unauthenticated SQL Injection in the accountstatus view userid parameter. An attacker with network access can exploit improper neutralization of special elements in a SQL UPDATE, enabling reading of the entire database and modification of values in a non-critical table...

CVSS 7 | AI score 6 | EPSS 0.00043
Exploits 0 | References 1

ATTACKERKB
added 2026/05/27 7:50 a.m. | 8 views

CVE-2026-40823

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the DevSerialReset function due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical table. This can resu...

CVSS 7 | AI score 6 | EPSS 0.00043
Exploits 0 | References 2 | Affected Software 4

CNNVD
added 2026/05/27 12:0 a.m. | 6 views

MB Connect Line mbCONNECT24 and MB Connect Line mymbCONNECT24 SQL injection vulnerability

MB Connect Line mbCONNECT24 and MB Connect Line mymbCONNECT24 are products of the German company MB Connect Line. MB Connect Line mbCONNECT24 is a remote service portal. This product supports features such as remote access, data recording, and alerts. MB Connect Line mymbCONNECT24 is an internal...

CVSS 7.1 | AI score 5.9 | EPSS 0.00039
Exploits 0 | References 1

Positive Technologies
added 2026/05/27 12:0 a.m. | 6 views

PT-2026-43600

A low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dash layout.php files saveDashboardLayout function due to improper neutralization of special elements in a SQL INSERT command allowing for reading the whole database and inserting entries into a no...

CVSS 7.1 | AI score 6 | EPSS 0.00039
Exploits 0 | References 2

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2023-54163

Malicious code in bioql PyPI...

CVSS 5.3 | AI score 5.7 | EPSS 0.00068
Exploits 0 | References 1

RedhatCVE
added 2025/09/11 9:20 a.m. | 6 views

CVE-2025-40803

A vulnerability has been identified in RUGGEDCOM RST2428P 6GK6242-6PA00 All versions. The affected device exposes certain non-critical information from the device. This could allow an unauthenticated attacker to access sensitive data, potentially leading to a breach of confidentiality...

CVSS 3.1 | AI score 6.7 | EPSS 0.00039
Exploits 0 | References 1

CVE
added 2025/09/09 8:48 a.m. | 11 views

CVE-2025-40803

The CVE-2025-40803 affects Siemens/RUGGEDCOM RST2428P (6GK6242-6PA00) across all versions, exposing certain non-critical device information that could allow an unauthenticated attacker to access sensitive data and breach confidentiality. Connected sources (Tenable OT plugin, NVD, Red Hat, CNNVD, ...

CVSS 3.1 | AI score 6.2 | EPSS 0.00039
Exploits 0 | References 1 | Affected Software 1

RedhatCVE
added 2025/05/21 6:10 p.m. | 5 views

CVE-1999-0577

A Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories...

CVSS 10 | AI score 7 | EPSS 0.13357
Exploits 0 | References 1

Packet Storm
added 2025/02/26 12:0 a.m. | 228 views

Adobe Reader CoolType Out-Of-Bounds Read

The Type1/CFF CharString interpreter code in the Adobe Reader CoolType.dll font library does not check if the input stream pointer has not gone beyond the end of the source buffer, which stores the state machine instructions. The Type1/CFF CharString interpreter code in the Adobe Reader...

CVSS 10 | AI score 7 | EPSS 0.03356
Exploits 2

OSV
added 2024/09/27 1:15 p.m. | 1 views

DEBIAN-CVE-2024-46861

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: do not stop RX on failing RX callback. RX callbacks can fail for multiple reasons: payload too short; payload formatted incorrectly, e.g. bad NCM framing; lack of memory. None of these should cause the driver to seize u...

CVSS 5.5 | AI score 6.1 | EPSS 0.00032
Exploits 0 | References 1

OSV
added 2024/09/27 1:15 p.m. | 3 views

AZL-49878 CVE-2024-46861 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: do not stop RX on failing RX callback. RX callbacks can fail for multiple reasons: payload too short; payload formatted incorrectly, e.g. bad NCM framing; lack of memory. None of these should cause the driver to seize u...

CVSS 5.5 | AI score 6.7 | EPSS 0.00032
Exploits 0 | References 1

OSV
added 2024/09/27 1:15 p.m. | 3 views

AZL-49895 CVE-2024-46861 affecting package kernel for versions less than 6.6.56.1-5

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: do not stop RX on failing RX callback. RX callbacks can fail for multiple reasons: payload too short; payload formatted incorrectly, e.g. bad NCM framing; lack of memory. None of these should cause the driver to seize u...

CVSS 5.5 | AI score 6.7 | EPSS 0.00032
Exploits 0 | References 1

OSV
added 2024/09/27 12:42 p.m. | 13 views

CVE-2024-46861 usbnet: ipheth: do not stop RX on failing RX callback

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: do not stop RX on failing RX callback. RX callbacks can fail for multiple reasons: payload too short; payload formatted incorrectly, e.g. bad NCM framing; lack of memory. None of these should cause the driver to seize u...

CVSS 5.5 | AI score 6.2 | EPSS 0.00032
Exploits 0 | References 6