QNAP Qsync Central SQL Injection Vulnerability (CNVD-2025-27801)

QNAP Qsync Central is a private cloud synchronization service launched by Weilian QNAP, which is mainly used to achieve real-time synchronization and backup of files between devices, with functions similar to GoogleDrive, Dropbox and other cloud storage services, but with the data stored in the...

EUVD-2019-2637

Malware in sbrugna...

QNAP Qsync Central path traversal vulnerability (CNVD-2025-23640)

QNAP Qsync Central is a private cloud synchronization service launched by QNAP, which is mainly used to achieve real-time synchronization and backup of files between devices. A path traversal vulnerability exists in QNAP Qsync Central, which can be exploited by an attacker to read unexpected file...

QNAP Qsync Central 代码问题漏洞

QNAP Qsync Central is a private cloud synchronization service launched by QNAP, which is mainly used to achieve real-time synchronization and backup of files between devices. A null pointer dereference vulnerability exists in QNAP Qsync Central, which can be exploited by attackers to cause a deni...

CVE-2019-10923

An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization IRT of the affected installation...

SQL Injection Vulnerability in ba***.php File of Kindergarten Online Management System

Xianqi Kindergarten Online Management System is a kindergarten online management system that supports real-time synchronization of data between smartphone APP and computer. A SQL injection vulnerability exists in the ba.php file of the kindergarten online management system. An attacker can exploi...

Siemens Cp1604 Uncontrolled Resource Consumption

A vulnerability has been identified in CP1604 All versions V2.8, CP1616 All versions V2.8, Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller All versions V4.1.1 Patch 05, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 All versions V4.5.0 Patch 01,...

CVE-2019-10923

An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization IRT of the affected installation...

CVE-2019-10923

An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization IRT of the affected installation...

Design/Logic Flaw

A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7, SIMATIC S7-400 CPU 414F-3 PN/DP V7, SIMATIC S7-400 CPU 416-3 PN/DP V7, SIMATIC S7-400 CPU 416F-3 PN/DP V7, Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits for PROFIN...

CVE-2019-10923

CVE-2019-10923 affects Siemens Industrial Real-Time devices (e.g., CP1604/CP1616, PROFINET IO DK/EK-ERTEC kits, SCALANCE X‑200IRT, ET200 family, SIMATIC S7-300/400 CPUs, ET200S/ET200M, etc.). A remote attacker with network access can cause a denial of service by breaking the real‑time synchroniza...

CVE-2019-10923

An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization IRT of the affected installation...

PT-2019-3849 · Siemens · Siemens

Name of the Vulnerable Software and Affected Versions: Siemens products affected versions not specified Description: The issue is related to a potential denial of service condition caused by disrupting the real-time synchronization IRT of the affected installation. An attacker with network access...

In-depth understanding of cross-site WebSocket hijacking vulnerability principle and prevention-vulnerability and early warning-the black bar safety net

Preamble WebSocket as the HTML5 new features, one of extra to attract the developer's attention, because it appears that the client mainly refers to the browser provided on the Socket support as possible, so in between the client and server provides a based on a single TCP connection is a...