276237 matches found
CVE-2025-11242
Server-Side Request Forgery (SSRF) vulnerability in Teknolist Computer Systems Software Publishing Industry and Trade Inc. Okulistik allows Server Side Request Forgery. This issue affects Okulistik: through 21102025...
CVE-2025-58467
A relative path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync...
CVE-2025-54155
CVE-2025-54155 affects File Station 5. An unbounded resource allocation vulnerability exists in File Station 5 where, if an administrator account is compromised, the attacker can prevent other systems, applications, or processes from accessing the same resource. The CVSS 4.0 vector indicates a Ne...
CVE-2025-57710
The CVE-2025-57710 issue affects Qsync Central and is a resource-allocation vulnerability with no throttling. A remote attacker who has an administrator account can exhaust resources, potentially blocking other systems, applications, or processes from accessing the same resource. The root cause i...
CVE-2025-57711
CVE-2025-57711 affects Qnap Qsync Central and describes an allocation of resources without limits or throttling. The vulnerability is exploitable remotely by an attacker who already has an administrator account, allowing them to disrupt access to the same type of resource for other systems, appli...
CVE-2025-68406
CVE-2025-68406 affects Qsync Central. A path traversal vulnerability allows an attacker who already has a user account to read arbitrary files or system data. The issue is tied to Qsync Central’s handling of file paths and can be triggered remotely over the network. Remediation is available in Qs...
CVE-2025-10174 Improper Access Control in Pan Software's PanCafe Pro
Cleartext Transmission of Sensitive Information vulnerability in Pan Software & Information Technologies Ltd. PanCafe Pro allows Flooding. This issue affects PanCafe Pro: from 3.3.2 through 23092025...
Malicious code in node-dotenv-cli (npm)
Source: amazon-inspector 76b47bebee6a74c00d3be10fad072e05074a62b29205377f682463290bad39c3 The package node-dotenv-cli was found to contain malicious code. Source: ghsa-malware 5bb66069e2bde985ae448962eaaf6373cd54aa2cd51fb20a0fef26ecb5dee2d...
CVE-2025-9986
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Vadi Corporate Information Systems Ltd. Co. DIGIKENT allows Excavation. This issue affects DIGIKENT: through 13092025...
CVE-2026-25895
FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. A path traversal vulnerability in FUXA allows an unauthenticated, remote attacker to write arbitrary files to arbitrary locations on the server filesystem. This affects FUXA through version 1.2.9. This issue has been patched ...
[SECURITY] Fedora 42 Update: rust-rbspy-0.34.1-4.fc42
Sampling CPU profiler for Ruby...
[SECURITY] Fedora 42 Update: envision-3.2.0-7.fc42
UI for building, configuring, and running Monado, the open source OpenXR runtime. This is still highly experimental software. While it's unlikely that anything bad will happen, it's still unstable and there is no guarantee that it will work on your system, with your particular hardware. If you...
PT-2026-7574
Name of the Vulnerable Software and Affected Versions: QNAP QTS versions prior to 5.2.8.3350 build 20251216; QNAP QuTS hero h5.3.2 versions prior to h5.3.2.3354 build 20251225; QNAP QuTS hero h5.2.8 versions prior to h5.2.8.3350 build 20251216. Description: A flaw exists that allows remote attackers t...
Wazuh 4.14.3
Wazuh is a free and open source security platform that unifies XDR and SIEM capabilities. It protects workloads across on-premises, virtualized, containerized, and cloud-based environments. This is the source code release...
MiniGal Nano cross-site scripting vulnerability
MiniGal Nano is a PHP album program by the individual developer Rybber. Versions of MiniGal Nano prior to 0.3.5 contained a cross-site scripting vulnerability. This vulnerability stemmed from the dir parameter in the index.php file, which allowed for reflected cross-site scripting,...
PT-2026-7580
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in E-Kalite Software Hardware Engineering Design and Internet Services Industry and Trade Ltd. Co. Turboard allows Reflected XSS. This issue affects Turboard: from 2025.07 through 11022026. NOTE...
PT-2026-7534
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the...
PT-2026-7689
Top Password Software Dialup Password Recovery 1.30 contains a denial of service vulnerability that allows attackers to crash the application by overflowing input fields. Attackers can trigger the vulnerability by inserting a large 5000-character payload into the User Name and Registration Code...
PT-2026-7592
A DLL hijacking vulnerability in the AMD Software Installer could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution...
QNAP Systems QTS and QNAP Systems QuTS hero code issue vulnerability
QNAP Systems QTS and QNAP Systems QuTS Hero are software products with data storage and management functions developed by QNAP Systems, a company based in Taiwan, China. There were code-related vulnerabilities in versions of QNAP Systems QTS 5.2.8.3332 build 20251128 and QNAP Systems QuTS Hero...