CVE-2024-4561

In WhatsUp Gold versions released before 2023.1.2 , a blind SSRF vulnerability exists in Whatsup Gold's FaviconController that allows an attacker to send arbitrary HTTP requests on behalf of the vulnerable server...

PT-2023-29793 · National Instruments · Ni System Configuration

Name of the Vulnerable Software and Affected Versions: NI System Configuration versions prior to 2023 Q3 Description: A stack-based buffer overflow vulnerability exists in NI System Configuration that could result in information disclosure and/or arbitrary code execution. Successful exploitation...

CVE-2023-39902

A software vulnerability has been identified in the U-Boot Secondary Program Loader SPL before 2023.07 on select NXP i.MX 8M family processors. Under certain conditions, a crafted Flattened Image Tree FIT format structure can be used to overwrite SPL memory, allowing unauthenticated software to...

RIOT RIOT-OS 安全漏洞

RIOT RIOT-OS is a set of operating systems used in the Internet of Things IoT space. A security vulnerability exists in versions of RIOT-OS prior to 2023.04 that stems from a null pointer dereference, which can be exploited by an attacker to conduct a denial-of-service attack...

MedData MedDataPACS SQL注入漏洞

MedData MedDataPACS is an image archiving and populating system from MedData. A SQL injection vulnerability exists in versions of MedData MedDataPACS prior to 2023-03-03, which stems from improper neutralization of special elements and a SQL injection vulnerability...