CVE-2025-71211

CVE-2025-71211 concerns Trend Micro Apex One Console; a directory traversal vulnerability enables remote code execution on affected installations. The ZDI advisory notes that the Apex One Console, listening on ports 8080 and 4343, allows remote attackers to execute arbitrary code without authenti...

Trend Micro Apex One 路径遍历漏洞

Trend Micro Apex One is a terminal protection software developed by Trend Micro, a US-based company. Trend Micro Apex One has a path traversal vulnerability, which originates from the management console. This vulnerability could allow remote attackers to upload malicious code and execute commands...

VulnCheck KEV: CVE-2025-54987

A vulnerability in Trend Micro Apex One on-premise management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is essentially the same as CVE-2025-54948 but targets a different CPU architecture...

VulnCheck KEV: CVE-2025-54948

A vulnerability in Trend Micro Apex One on-premise management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations...

Illumina Local Run Manager 代码注入漏洞

Illumina Local Run Manager is an integrated solution from Illumina, Inc. Illumina Local Run Manager is vulnerable to code injection, which could be exploited by attackers to remotely upload and execute code at the operating system level...

LimeSurvey 代码问题漏洞

LimeSurvey PHPSurveyor is an open source online questionnaire program from the LimeSurvey team that supports survey program development, survey posting, and data collection. LimeSurvey 5.2.4 suffers from a code issue vulnerability that allows remote malicious users to upload arbitrary PHP code...

PT-2019-4193 · Apache · Apache Solr

Name of the Vulnerable Software and Affected Versions: Apache Solr versions 8.1.1 through 8.2.0 Description: The issue is related to an insecure setting in the default solr.in.sh configuration file, which enables JMX monitoring without authentication on the RMI PORT default port 18983. This could...

Remote Code Upload Vulnerability in Haiwell C10S0R(-e) PLCs

C10S0R-e PLC is a product in the programmable logic controller PLC series of Xiamen Haiwei Technology Co. The Haiwell C10S0R-e PLC suffers from a remote code upload vulnerability that can be exploited by an attacker to upload arbitrary code via unauthorized construction of specific network packet...

Remote Code Upload Vulnerability in DCCE MAC1100 PLCs

The MAC1100 PLC Programmable Logic Controller PLC is a product in the Dalian Computer Control DCCE Programmable Logic Controller PLC series. A remote code upload vulnerability exists in the DCCE MAC1100 PLC. An attacker can exploit this vulnerability to construct malicious control code, remotely...

Multiple Directory Traversal Vulnerabilities in Multiple IBM Products

IBM PureApplication System provides a way to virtualize, distribute, optimize and monitor applications and software in the cloud. Multiple directory traversal vulnerabilities exist in multiple IBM products, which could allow a remote attacker to upload arbitrary code via the directory traversal...