15 matches found
CVE-2026-21393
Movable Type contains a stored cross-site scripting vulnerability in Edit Comment. If crafted input is stored by an attacker, arbitrary script may be executed on a logged-in user's web browser. Note that Movable Type 7 series and 8.4 series, which are End-of-Life EOL, are affected by the...
CVE-2025-59371
An authentication bypass vulnerability has been identified in the IFTTT integration feature. A remote, authenticated attacker could leverage this vulnerability to potentially gain unauthorized access to the device. This vulnerability does not affect Wi-Fi 7 series models. Refer to the 'Security...
CVE-2025-59371
An authentication bypass vulnerability has been identified in the IFTTT integration feature. A remote, authenticated attacker could leverage this vulnerability to potentially gain unauthorized access to the device. This vulnerability does not affect Wi-Fi 7 series models. Refer to the 'Security...
CVE-2025-59371
CVE-2025-59371 describes an authentication bypass in the ASUS Router’s IFTTT integration. A remote, authenticated attacker could exploit the flaw to potentially gain unauthorized access to the device. The vulnerability is characterized by a network attack vector with low attack complexity and req...
PT-2025-41913
Name of the Vulnerable Software and Affected Versions FactoryTalk View Machine Edition versions affected versions not specified Description An authentication bypass issue exists in the FactoryTalk View Machine Edition Web Browser ActiveX control. Successful exploitation can lead to unauthorized...
AMD Kintex 7-Series FPGA和AMD Artix 7-Series FPGA 安全漏洞
The AMD Kintex 7-Series FPGA and AMD Artix 7-Series FPGA are both FPGA chips from UltraMicroelectronics AMD. A security vulnerability exists in AMD Kintex 7-Series FPGAs and AMD Artix 7-Series FPGAs that stems from insufficient voltage and clock burr protection, which could lead to an attacker...
The vulnerability of the software development environment for systems that automate technological processes, the Totally Integrated Automation Portal (Portal TIA), and the software used for modeling and simulating the operation of Siemens S7 controllers, arises due to deficiencies in the deserialization mechanism, allowing attackers to execute arbitrary code.
The vulnerability of the software development environment of Totally Integrated Automation Portal Portal TIA, the software for modeling and simulation of Siemens S7 series controllers, is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows an attacker to...
VulnCheck KEV: CVE-2022-34151
Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software 'Sysmac...
多款Omron产品安全漏洞
Omron Machine automation controller NX7 series and so on are the products of Omron Corporation of Japan.Omron Machine automation controller NX7 series is a series of machine automation controllers.Omron Machine Omron Machine automation controller NX1 series is a series of machine automation...
CVE-2021-37730
A remote arbitrary command execution vulnerability was discovered in HPE Aruba Instant IAP versions: Aruba Instant 6.4.x.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x.x: 6.5.4.20 and below; Aruba Instant 8.5.x.x: 8.5.0.12 and below; Aruba Instant 8.6.x.x: 8.6.0.11 and below; Aruba Instant...
CVE-2021-23006
On all 7.x and 6.x versions fixed in 8.0.0, undisclosed BIG-IQ pages have a reflected cross-site scripting vulnerability. Note: Software versions which have reached End of Software Development EoSD are not evaluated...
Unpatchable 'Starbleed' Bug in FPGA Chips Exposes Critical Devices to Hackers
A newly discovered unpatchable hardware vulnerability in Xilinx programmable logic products could allow an attacker to break bitstream encryption, and clone intellectual property, change the functionality, and even implant hardware Trojans. The details of the attacks against Xilinx 7-Series and...
CVE-2019-2004
In publishKeyEvent, publishMotionEvent and sendUnchainedFinishedSignal of InputTransport.cpp, there are uninitialized data leading to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-7.0...
Tenda AC7 Buffer Overflow Vulnerability
The Tenda AC7, AC9 and AC10 are all wireless router products from Tenda, a Chinese company. A buffer overflow vulnerability exists in Tenda AC7 15.03.06.44CN and earlier versions, AC9 15.03.05.196318CN and earlier versions, and AC10 15.03.06.23CN and earlier versions. An attacker can exploit this...
Intel Puma 5, 6 and 7 Series Denial of Service Vulnerability
Intel Puma 5, 6, and 7 Series are all different families of modem chip products from the U.S. company Intel. A security vulnerability exists in the firmware of the Intel Puma 5, 6, and 7 Series. The vulnerability can be exploited by an attacker to cause a denial of service resource exhaustion or...