CVE-2025-67806

The login mechanism of Sage DPW 202106004 displays distinct responses for valid and invalid usernames, allowing enumeration of existing accounts in versions before 202106000. On-premise administrators can toggle this behavior in newer versions...

PT-2024-20096 · Siemens · Sinec Nms

Name of the Vulnerable Software and Affected Versions: SINEC NMS versions prior to V2.0 SP1 Description: A vulnerability has been identified in the affected application, allowing users to upload arbitrary files via TFTP. This could allow an attacker to upload malicious firmware images or other...

CVE-2022-31465

A vulnerability has been identified in Xpedition Designer VX.2.10 All versions VX.2.10 Update 13, Xpedition Designer VX.2.11 All versions VX.2.11 Update 11, Xpedition Designer VX.2.12 All versions VX.2.12 Update 5, Xpedition Designer VX.2.13 All versions VX.2.13 Update 1. The affected application...

CVE-2019-5215

There is a man-in-the-middle MITM vulnerability on Huawei P30 smartphones versions before ELE-AL00 9.1.0.162C01E160R1P12/C01E160R2P1, and P30 Pro versions before VOG-AL00 9.1.0.162 C01E160R1P12/C01E160R2P1. When users establish connection and transfer data through Huawei Share, an attacker could...

CVE-2014-0570

Cross-site request forgery CSRF vulnerability in Adobe ColdFusion 9.0 before Update 13, 9.0.1 before Update 12, 9.0.2 before Update 7, 10 before Update 14, and 11 before Update 2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...