IP Setting Software may insecurely load Dynamic Link Libraries

Overview IP Setting Software provided by i-PRO Co., Ltd. contains the following vulnerability in the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Uncontrolled search path element CWE-427 - CVE-2026-34488 i-PRO Co., Ltd. reported this vulnerability to IPA to notify...

PT-2026-6003

Name of the Vulnerable Software and Affected Versions AKCE Software Technology R&D Industry and Trade Inc. SKSPro versions through 07012026 Description An issue exists in AKCE Software Technology R&D Industry and Trade Inc. SKSPro that allows for Reflected Cross-site Scripting XSS. This is due to...

CVE-2025-7013 IDOR in QRMenumPro's Menu Panel

Authorization Bypass Through User-Controlled Key vulnerability in QR Menu Pro Smart Menu Systems Menu Panel allows Exploitation of Trusted Identifiers. This issue affects Menu Panel: through 29012026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...

EUVD-2018-19562

Malware in sbrugna...

EUVD-2022-39104

Malicious code in bioql PyPI...

CVE-2023-28385

Improper authorization in the IntelR NUC Pro Software Suite for Windows before version 2.0.0.9 may allow a privileged user to potentially enable escalation of privilage via local access...

CVE-2022-32578

Improper access control for the IntelR NUC Pro Software Suite before version 2.0.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2022-36391

Incorrect default permissions for the IntelR NUC Pro Software Suite before version 2.0.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2018-7850

A CWE-807: Reliance on Untrusted Inputs in a Security Decision vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause invalid information displayed in Unity Pro software...

CVE-2024-53694 QVPN Device Client, Qsync, Qfinder Pro

A time-of-check time-of-use TOCTOU race condition vulnerability has been reported to affect several product versions. If exploited, the vulnerability could allow local attackers who have gained user access to gain access to otherwise unauthorized resources. We have already fixed the vulnerability...

CVE-2024-52428

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Peter Ads Booster by Ads Pro free-wp-booster-by-ads-pro allows PHP Local File Inclusion.This issue affects Ads Booster by Ads Pro: from n/a through = 1.12...

PT-2024-17761 · Emlog Pro · Emlog Pro

Name of the Vulnerable Software and Affected Versions: Emlog Pro versions up to 2.4.1 Description: A vulnerability was found in Emlog Pro, affecting unknown code of the file /admin/user.php. The manipulation of the keyword argument leads to cross-site scripting. The attack can be initiated...

CVE-2024-3762

A vulnerability was found in Emlog Pro 2.2.10. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/twitter.php of the component Whisper Page. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been...

Code injection

Uncontrolled search path in some Intel NUC Pro Software Suite Configuration Tool software installers before version 3.0.0.6 may allow an authenticated user to potentially enable denial of service via local access...

Intel NUC Security Vulnerability

The Intel NUC is a small minicomputer from Intel Corporation USA. A security vulnerability exists in the Intel NUC that originates from an uncontrolled search path in the Pro Software Suite Configuration Tool. This could allow an authenticated user to potentially enable denial of service via loca...

CVE-2022-41700

CVE-2022-41700 affects Intel NUC Pro Software Suite installer prior to 2.0.0.9, where insecure inherited permissions may allow an authenticated local user to escalate privileges. The Intel advisory and related Red Hat/NVD entries confirm the issue and list affected products and versions. Remediat...

CVE-2023-28385

Improper authorization in the IntelR NUC Pro Software Suite for Windows before version 2.0.0.9 may allow a privileged user to potentially enable escalation of privilage via local access...

CVE-2023-28385

Intel NUC Pro Software Suite for Windows before version 2.0.0.9 is affected by CVE-2023-28385 due to improper authorization, potentially enabling privilege escalation via local access by a privileged user. The vulnerability has a CVSS v3.1 base score of 8.2 (HIGH) with LOCAL access, low attack co...

Intel NUC Security Vulnerability

Intel NUC is a small minicomputer from Intel Corporation USA. A security vulnerability exists in IntelR NUC Pro Software Suite for Windows prior to version 2.0.0.9 that originates from improper authorization management. An attacker can exploit the vulnerability to elevate privileges...

Intel® NUC Pro Software Suite Advisory

Summary: A potential security vulnerability in the Intel® NUC Pro Software Suite for Windows may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-28385 Description: Improper authorization in the...