
88725 matches found

RedhatCVE
added 2026/01/09 8:50 a.m., 26 views

CVE-2021-31436

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.931. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS: 7.8 | AI score: 6.7 | EPSS: 0.02761
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 8:35 a.m., 22 views

CVE-2020-10922

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. Authentication is not required to exploit this vulnerability. The specific flaw exists within the EA-HTTP.exe process. The issu...

CVSS: 7.5 | AI score: 6.5 | EPSS: 0.03674
Exploits: 0 | References: 1

SUSE CVE
added 2026/01/09 12:24 a.m., 6 views

SUSE CVE-2025-68151

CoreDNS is a DNS server that chains plugins. Prior to version 1.14.0, multiple CoreDNS server implementations (gRPC, HTTPS, and HTTP/3) lack critical resource-limiting controls. An unauthenticated remote attacker can exhaust memory and degrade or crash the server by opening many concurrent...

CVSS: 8.7 | AI score: 7.3 | EPSS: 0.00412
Exploits: 0 | References: 3

Positive Technologies
added 2026/01/09 12:0 a.m., 8 views

PT-2026-3426

Name of the Vulnerable Software and Affected Versions: UTT 进取 520W version 1.7.7-180627. Description: A buffer overflow issue exists in the strcpy function located in the file /goform/ConfigExceptMSN. This allows for remote attacks, and the exploit has been publicly disclosed. The vendor was notifie...

CVSS: 9 | AI score: 8.1 | EPSS: 0.00855
Exploits: 1 | References: 10

Cvelist
added 2026/01/09 12:0 a.m., 23 views

CVE-2025-67278

An issue in TIM Solution GmbH TIM BPM Suite & TIM FLOW before v.9.1.2 allows a remote attacker to escalate privileges via a crafted HTTP request...

EPSS: 0.00276
Exploits: 0 | References: 2

Cvelist
added 2026/01/08 8:32 p.m., 25 views

CVE-2026-0728 code-projects Intern Membership Management System delete_admin.php sql injection

A security vulnerability has been detected in code-projects Intern Membership Management System 1.0. This issue affects some unknown processing of the file /intern/admin/deleteadmin.php. Such manipulation of the argument adminid leads to sql injection. The attack may be launched remotely. The...

CVSS: 5.8 | EPSS: 0.00389
Exploits: 1 | References: 5

CVE
added 2026/01/08 12:50 p.m., 18 views

CVE-2025-69258

Trend Micro Apex Central is affected by CVE-2025-69258 (LoadLibraryEX). The vulnerability allows an unauthenticated remote attacker to load an attacker-controlled DLL into a key executable, leading to code execution under the SYSTEM context on affected installations. Current public details indica...

CVSS: 9.8 | AI score: 7 | EPSS: 0.0322
Exploits: 1 | References: 3 | Affected Software: 1

Cvelist
added 2026/01/08 12:50 p.m., 25 views

CVE-2025-69258

A LoadLibraryEX vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to load an attacker-controlled DLL into a key executable, leading to execution of attacker-supplied code under the context of SYSTEM on affected installations...

CVSS: 9.8 | EPSS: 0.0322
Exploits: 1 | References: 3

Vulnrichment
added 2026/01/08 5:32 a.m., 4 views

CVE-2026-0698 code-projects Intern Membership Management System edit_students.php sql injection

A vulnerability has been found in code-projects Intern Membership Management System 1.0. This affects an unknown function of the file /intern/admin/editstudents.php. Such manipulation of the argument adminid leads to sql injection. The attack may be launched remotely. The exploit has been disclos...

CVSS: 5.8 | AI score: 6.8 | EPSS: 0.00369
Exploits: 1 | References: 5

Cvelist
added 2026/01/08 5:32 a.m., 28 views

CVE-2026-0698 code-projects Intern Membership Management System edit_students.php sql injection

A vulnerability has been found in code-projects Intern Membership Management System 1.0. This affects an unknown function of the file /intern/admin/editstudents.php. Such manipulation of the argument adminid leads to sql injection. The attack may be launched remotely. The exploit has been disclos...

CVSS: 5.8 | EPSS: 0.00369
Exploits: 1 | References: 5

Positive Technologies
added 2026/01/08 12:0 a.m., 6 views

PT-2026-1938

Name of the Vulnerable Software and Affected Versions: Trend Micro Apex Central, affected versions not specified. Description: A message out-of-bounds read issue exists in Trend Micro Apex Central. This could allow a remote attacker to create a denial-of-service condition on affected systems...

CVSS: 7.5 | AI score: 6.7 | EPSS: 0.01419
Exploits: 1 | References: 11

Cvelist
added 2026/01/08 12:0 a.m., 22 views

CVE-2025-65518

Plesk Obsidian versions 8.0.1 through 18.0.73 are vulnerable to a Denial of Service (DoS) condition. The vulnerability exists in the getpassword.php endpoint, where a crafted request containing a malicious payload can cause the affected web interface to continuously reload, rendering the service...

EPSS: 0.00529
Exploits: 0 | References: 3

CNNVD
added 2026/01/08 12:0 a.m., 4 views

FLIR Thermal Camera operating system command injection vulnerability

FLIR Thermal Camera F Series and others are a series of thermal imaging cameras from FLIR Corporation. An operating system command injection vulnerability exists in FLIR Thermal Camera PT-Series version 8.0.0.64, which stems from an uncleaned POST parameter and could lead to a remote command...

CVSS: 9.8 | AI score: 7.5 | EPSS: 0.1064
Exploits: 1 | References: 6

OSV
added 2026/01/07 12:31 p.m., 3 views

GHSA-6RCW-WW3X-XQWM carbone Code Injection vulnerability

A weakness has been identified in carboneio carbone up to fbcd349077ad0e8748be73eab2a82ea92b6f8a7e. This impacts an unknown function of the file lib/input.js of the component Formatter Handler. Executing a manipulation can lead to improperly controlled modification of object prototype attributes...

CVSS: 5 | AI score: 4.8 | EPSS: 0.00275
Exploits: 0 | References: 6

Github Security Blog
added 2026/01/07 12:31 p.m., 9 views

carbone Code Injection vulnerability

A weakness has been identified in carboneio carbone up to fbcd349077ad0e8748be73eab2a82ea92b6f8a7e. This impacts an unknown function of the file lib/input.js of the component Formatter Handler. Executing a manipulation can lead to improperly controlled modification of object prototype attributes...

CVSS: 5 | AI score: 5.1 | EPSS: 0.00275
Exploits: 0 | References: 6 | Affected Software: 1

RedhatCVE
added 2026/01/07 9:54 a.m., 14 views

CVE-2025-1083

A vulnerability classified as problematic was found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected by this vulnerability is an unknown functionality of the component CORS Handler. The manipulation leads to permissive cross-domain policy with untrusted domains. The attack can be launched remotely...

CVSS: 6.8 | AI score: 6.6 | EPSS: 0.00295
Exploits: 1 | References: 1

RedhatCVE
added 2026/01/07 9:54 a.m., 13 views

CVE-2025-1465

A vulnerability, which was classified as problematic, was found in lmxcms 1.41. Affected is an unknown function of the file db.inc.php of the component Maintenance. The manipulation leads to code injection. It is possible to launch the attack remotely. The complexity of an attack is rather high...

CVSS: 6.6 | AI score: 7.2 | EPSS: 0.00496
Exploits: 1 | References: 1

RedhatCVE
added 2026/01/07 9:51 a.m., 10 views

CVE-2013-6014

Juniper Junos 10.4 before 10.4S15, 11.4 before 11.4R9, 11.4X27 before 11.4X27.44, 12.1 before 12.1R7, 12.1X44 before 12.1X44-D20, 12.1X45 before 12.1X45-D15, 12.2 before 12.2R6, 12.3 before 12.3R3, 13.1 before 13.1R3, and 13.2 before 13.2R1, when Proxy ARP is enabled on an unnumbered interface,...

CVSS: 9.3 | AI score: 6.6 | EPSS: 0.00848
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/07 9:49 a.m., 8 views

CVE-2022-27933

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join...

CVSS: 8.2 | AI score: 7 | EPSS: 0.00924
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/07 9:43 a.m., 10 views

CVE-1999-0430

Cisco Catalyst LAN switches running Catalyst 5000 supervisor software allow remote attackers to perform a denial of service by forcing the supervisor module to reload...

CVSS: 5 | AI score: 7 | EPSS: 0.01823
Exploits: 0 | References: 1