EUVD-2026-24601

The a+HRD developed by aEnrich has a Missing Authorization vulnerability, allowing authenticated remote attackers to arbitrarily read database contents through a specific API method...

CVE-2025-40805

Affected devices do not properly enforce user authentication on specific API endpoints. This could facilitate an unauthenticated remote attacker to circumvent authentication and impersonate a legitimate user. Successful exploitation requires that the attacker has learned the identity of a...

CVE-2025-4477

The ThreatSonar Anti-Ransomware from TeamT5 has a Privilege Escalation vulnerability, allowing remote attackers with intermediate privileges to escalate their privileges to highest administrator level through a specific API...

PT-2024-1009 · Cisco · Cisco Unity Connection

Name of the Vulnerable Software and Affected Versions: Cisco Unity Connection affected versions not specified Description: A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to upload arbitrary files to an affected syste...

Timergrp module denial of service vulnerability in multiple Huawei products

Huawei DP300, RP200, and TE30/40/50/60 are Huawei's all-in-one desktop and high-definition videoconferencing end products for high-end customers. A denial-of-service vulnerability exists in the Timergrp module of multiple Huawei products due to the program's failure to adequately check parameters...