
15 matches found

Positive Technologies
added 2025/12/22 12:0 a.m. | 2 views

PT-2025-52707

Name of the Vulnerable Software and Affected Versions Screen SFT DAB 600/C version 1.9.3 Description The software contains a weak session management issue that allows attackers to bypass authentication controls by reusing IP-bound session identifiers. Attackers can exploit the deviceManagement AP...

CVSS 8.7 | AI score 6.8 | EPSS 0.00255
Exploits: 2 | References: 9
OSV
added 2025/12/10 9:16 p.m. | 1 views

CVE-2023-53741

Screen SFT DAB 1.9.3 contains a weak session management vulnerability that allows attackers to bypass authentication controls by reusing IP address-bound session identifiers. Attackers can exploit the vulnerable API by intercepting and reusing established sessions to remove user accounts without...

CVSS 8.1 | AI score 5.8
Exploits: 0 | References: 6
Cvelist
added 2025/12/10 9:12 p.m. | 17 views

CVE-2023-53776 Screen SFT DAB 1.9.3 Authentication Bypass via Session Management Weakness

Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to exploit weak session management by reusing IP-bound session identifiers. Attackers can issue unauthorized requests to the device management API by leveraging the session binding mechanism to perform...

CVSS 8.7 | EPSS 0.00211
Exploits: 1 | References: 6
Vulnrichment
added 2025/12/10 9:6 p.m. | 2 views

CVE-2023-53740 Screen SFT DAB 1.9.3 Authentication Bypass via Admin Password Change

Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to change the admin password without providing the current credentials. Attackers can exploit the userManager.cgx endpoint by sending a crafted JSON request with a new MD5-hashed password to directly modify...

CVSS 8.6 | AI score 6.8 | EPSS 0.00439
Exploits: 1 | References: 6
CNNVD
added 2025/10/10 12:0 a.m. | 1 views

Fuji Electric V-SFT Buffer Error Vulnerability

Fuji Electric V-SFT is a screen configuration software from Fuji Electric Japan. A buffer error vulnerability exists in Fuji Electric V-SFT v6.2.7.0 and earlier versions, which stems from an out-of-bounds write in the setAnimationItem function that could lead to information disclosure and arbitra...

CVSS 8.4 | AI score 8 | EPSS 0.00018
Exploits: 0 | References: 2
EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2025-27711

Malicious code in bioql PyPI...

CVSS 7.8 | AI score 6.5 | EPSS 0.00066
Exploits: 0 | References: 2
OSV
added 2025/05/26 3:15 p.m. | 2 views

CVE-2025-46803

The default mode of pseudo terminals (PTYs) allocated by Screen was changed from 0620 to 0622, thereby allowing anyone to write to any Screen PTYs in the system...

CVSS 5.1 | AI score 7.1 | EPSS 0.00045
Exploits: 0 | References: 3
CNNVD
added 2024/11/27 12:0 a.m. | 1 views

Fuji Electric Monitouch V-SFT Buffer Error Vulnerability

Fuji Electric Monitouch V-SFT is a screen configuration software from Fuji Electric Japan. A buffer error vulnerability exists in Fuji Electric Monitouch V-SFT that stems from a lack of proper validation of user-supplied data, which could result in writes beyond the end of the allocated buffer. A...

CVSS 7.8 | AI score 7.9 | EPSS 0.00457
Exploits: 0 | References: 1
OSV
added 2024/09/16 5:28 a.m. | 7 views

RHSA-2022:1074 Red Hat Security Advisory: screen security update

Bulletin has no description...

CVSS 9.6 | AI score 9.1 | EPSS 0.12654
Exploits: 1 | References: 7
OSV
added 2021/02/21 12:0 a.m. | 22 views

DSA-4861-1 screen - security update

Bulletin has no description...

CVSS 9.8 | AI score 9.1 | EPSS 0.12654
Exploits: 1
OSV
added 2021/02/18 6:52 a.m. | 2 views

OPENSUSE-SU-2021:0304-1 Security update for screen

This update for screen fixes the following issues: - CVE-2021-26937: Fixed double width combining char handling that could lead to a denial of service or code execution bsc1182092. This update was imported from the SUSE:SLE-15:Update update project...

CVSS 9.8 | AI score 9.5 | EPSS 0.12654
Exploits: 1 | References: 3
CNVD
added 2020/03/16 12:0 a.m. | 1 views

Shanghai Zhenghang Electronic Technology Co., Ltd. 7-inch touch screen programming software has memory corruption vulnerability

Ltd. is a high-tech enterprise dedicated to product design and development, production, sales and service in the field of industrial control. Ltd. 7-inch touch screen programming software memory corruption vulnerability, attackers can use the vulnerability to construct a deformed hmp file can lea...

AI score 7
Exploits: 0
CNVD
added 2020/03/05 12:0 a.m. | 1 views

Denial of Service Vulnerability in NA-VIEW V1.02.4 by Nanda Aotuo Technology

NA-VIEW is a touch screen configuration software. A denial of service vulnerability exists in NA-VIEW V1.02.4, which can be exploited by an attacker to construct a malformed BMP image file causing the program to crash...

AI score 6.8
Exploits: 0
CNVD
added 2020/02/28 12:0 a.m. | 1 views

Memory Corruption Vulnerability in MTI MH Ethernet Touch Screen Software

Ltd. is a wholly foreign owned enterprise established in China on July 1, 2000 by Antai International Investment Singapore Pte Ltd, a subsidiary of TECO Group, a renowned Taiwanese multinational corporation. A memory corruption vulnerability exists in the MTI MH Ethernet touch screen software,...

AI score 7
Exploits: 0
OSV
added 2006/10/24 6:7 p.m. | 6 views

CVE-2006-4573

Multiple unspecified vulnerabilities in the "utf8 combining characters handling" utf8handlecomb function in encoding.c in screen before 4.0.3 allows user-assisted attackers to cause a denial of service crash or hang via certain UTF8 sequences...

AI score 6.6
Exploits: 0 | References: 21