CVE-2025-32832

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'LockProjectUserRights' method. This could allow an authenticated remote attacker to bypass authorization controls, to read fr...

CVE-2025-32475

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateProject' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and...

CVE-2025-31349

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateSmtpSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from...

CVE-2025-30032

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateDatabaseSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read...

CVE-2025-29905

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'RestoreFromBackup' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from a...

CVE-2025-27540

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'Authenticate' method. This could allow an unauthenticated remote attacker to bypass authorization controls, to read from and...

CVE-2025-32869

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'ImportCertificate' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from a...

UBUNTU-CVE-2025-22072

In the Linux kernel, the following vulnerability has been resolved: spufs: fix gang directory lifetimes prior to "POWERPC spufs: Fix gang destroy leaks" we used to have a problem with gang lifetimes - creation of a gang returns opened gang directory, which normally gets removed when that gets...

PT-2025-16848 · Unknown · Telecontrol Server Basic

Name of the Vulnerable Software and Affected Versions: TeleControl Server Basic versions prior to 3.1.2.2 Description: The issue allows an authenticated remote attacker to bypass authorization controls, read from and write to the application's database, and execute code with "NT...

VulnCheck KEV: CVE-2025-31201

Apple iOS, iPadOS, macOS, and other Apple products contain an arbitrary read and write vulnerability that allows an attacker to bypass Pointer Authentication...

PT-2025-16832 · Unknown · Telecontrol Server Basic

Name of the Vulnerable Software and Affected Versions: TeleControl Server Basic versions prior to 3.1.2.2 Description: The issue allows an authenticated remote attacker to bypass authorization controls, read from and write to the application's database, and execute code with "NT...

PT-2025-16834 · Unknown · Telecontrol Server Basic

Name of the Vulnerable Software and Affected Versions: TeleControl Server Basic versions prior to 3.1.2.2 Description: The issue allows an authenticated remote attacker to bypass authorization controls, read from and write to the application's database, and execute code with "NT...

CVE-2025-30711

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Attachments, File Upload. Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVE-2024-58133

In chainmaker-go aka ChainMaker before 2.4.0, when making frequent updates to a node's configuration file and restarting this node, concurrent writes by logger.go to a map are mishandled. Creating other logs simultaneously can lead to a read-write conflict and panic...

CVE-2024-58133

In chainmaker-go aka ChainMaker before 2.4.0, when making frequent updates to a node's configuration file and restarting this node, concurrent writes by logger.go to a map are mishandled. Creating other logs simultaneously can lead to a read-write conflict and panic...

CVE-2024-58133

CVE-2024-58133 affects chainmaker-go (ChainMaker) before version 2.4.0. The root cause is concurrent writes to a map performed by logger.go during frequent updates to a node’s configuration file and subsequent restart, which can cause a read-write conflict and panic. Public sources explicitly des...

PT-2025-15082 · Unknown · Chainmaker

Name of the Vulnerable Software and Affected Versions: ChainMaker versions prior to 2.4.0 Description: The issue arises from concurrent writes to a map by logger.go when a node's configuration file is frequently updated and the node is restarted. This can lead to a read-write conflict, resulting ...

chainMaker 安全漏洞

chainMaker is a Go library in the Go open source. A security vulnerability exists in chainMaker versions prior to 2.4.0, which stems from logger.go mishandling concurrent writes to mappings, which can lead to read/write conflicts and crashes...

CVE-2024-8551

A path traversal vulnerability exists in the save-workflow and load-workflow functionality of modelscope/agentscope versions prior to the fix. This vulnerability allows an attacker to read and write arbitrary JSON files on the filesystem, potentially leading to the exposure or modification of...

CVE-2024-8958

In composiohq/composio version 0.4.3, there is an unrestricted file write and read vulnerability in the filetools actions. Due to improper validation of file paths, an attacker can read and write files anywhere on the server, potentially leading to privilege escalation or remote code execution...