PT-2026-37210

Name of the Vulnerable Software and Affected Versions Kestra versions prior to 1.3.4 Description SQL Injection occurs because user-controlled input from a GET parameter is directly concatenated into an SQL query without proper sanitization or parameterization. This allows attackers to inject...

CVE-2024-14007

The CVE-2024-14007 entry affects Shenzhen TVT NVMS-9000 firmware prior to 1.3.4. A flaw in the NVMS-9000 control protocol allows an unauthenticated remote attacker to bypass authentication by sending a crafted TCP payload to an exposed control port, enabling privileged administrative query comman...

TVT NVMS-9000 安全漏洞

The TVT NVMS-9000 is a digital video recorder from China-based Tongwei TVT. A security vulnerability exists in the TVT NVMS-9000 version prior to 1.3.4, which stems from an authentication bypass in the NVMS-9000 control protocol that could lead to the disclosure of sensitive information...

DTEN D5 and DTEN D7 Code Execution Vulnerabilities

The DTEN D5 and DTEN D7 are both stylus pens from DTEN. A security vulnerability exists in DTEN D5 and D7 versions prior to 1.3.4. An attacker can exploit the vulnerability to perform system administration and execute arbitrary code to obtain data displayed by Zoom Client...

DEBIAN-CVE-2004-1076

Multiple buffer overflows in the RtConfigLoad function in rt-config.c for Atari800 before 1.3.4 allow local users to execute arbitrary code via large values in the configuration file...