9 matches found
EUVD-2026-17127
Smoothwall Express versions prior to 3.1 Update 13 contain a reflected cross-site scripting vulnerability in the /redirect.cgi endpoint due to improper sanitization of the url parameter. Attackers can craft malicious URLs with javascript: schemes that execute arbitrary JavaScript in victims' browse...
DoraCMS Code Issue Vulnerability
DoraCMS is an open-source application developed by DoraCMS. It is a content management system built using Node.js, eggjs, and MongoDB. Versions of DoraCMS 3.1 and earlier have code vulnerabilities. These vulnerabilities stem from the UEditor’s remote image retrieval feature, which involves...
EUVD-2025-34519
The BlindMatrix e-Commerce WordPress plugin before 3.1 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated users, such as contributors, to perform LFI attacks...
PT-2022-21179 · Siemens · Sinema Remote Connect Server
Name of the Vulnerable Software and Affected Versions: SINEMA Remote Connect Server versions prior to V3.1 Description: A vulnerability has been identified due to improper input validation, which could allow the OpenSSL certificate's password to be printed to a file reachable by an attacker...
PT-2022-21181 · Siemens · Sinema Remote Connect Server
Name of the Vulnerable Software and Affected Versions: SINEMA Remote Connect Server versions prior to V3.1 Description: A vulnerability has been identified in the SINEMA Remote Connect Server, where a web service lacks proper access control for some endpoints, potentially leading to unauthorized...
Dell Wyse Management Suite Input Validation Error Vulnerability
Wyse Management Suite is a next-generation management solution that enables you to centrally configure, monitor, manage and optimize Wyse thin clients. An open redirection vulnerability exists in Wyse Management Suite versions prior to 3.1. An attacker could exploit this vulnerability by tricking...
BigProf Online Invoicing System Cross-Site Scripting Vulnerability
BigProf Online Invoicing System OIS is an easy invoicing tool for small businesses, consultants and freelancers created using AppGini. A cross-site scripting vulnerability exists in app/membershipsignup.php and app/admin/pageViewMembers.php in BigProf Online Invoicing System versions prior to 3.1...
Linux kernel denial of service vulnerability (CNVD-2019-25445)
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the 'tcm_loop_make_naa_tpg' function in the drivers/target/loopback/tcm_loop.c file in versions of Linux kernel prior to 3.1. An attacker...
PT-2012-1580 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.1 Description: The issue is related to an integer signedness error in the pmcraid ioctl passthrough function, which might allow local users to cause a denial of service, potentially leading to memory consumpti...