21 matches found
CVE-2023-5872 Wago: Vulnerability in Smart Designer Web-Application
In Wago Smart Designer in versions up to 2.33.1 a low privileged remote attacker may enumerate projects and usernames through iterative requests to a specific endpoint...
CVE-2023-5872
In Wago Smart Designer in versions up to 2.33.1 a low privileged remote attacker may enumerate projects and usernames through iterative requests to a specific endpoint...
PT-2026-33255
In Wago Smart Designer in versions up to 2.33.1 a low privileged remote attacker may enumerate projects and usernames through iterative requests to a specific endpoint...
EUVD-2025-209199
HiOS Switch Platform contains a denial-of-service vulnerability in the web interface that allows remote attackers to reboot the affected device by sending a malicious HTTP GET request to a specific endpoint. Attackers can trigger an uncontrolled reboot condition through crafted HTTP requests to...
CVE-2025-62346 HCL Glovius Cloud is susceptible to a Cross-Site Request Forgery (CSRF) vulnerability
A Cross-Site Request Forgery (CSRF) vulnerability was identified in HCL Glovius Cloud. An attacker can force a user's web browser to execute an unwanted, malicious action on a trusted site where the user is authenticated, specifically on one endpoint...
CVE-2025-36121 HTML Injection Vulnerability in a Specific URL Endpoint of the IBM OpenPages Application
IBM OpenPages 9.1 and 9.0 is vulnerable to HTML injection. A remotely authenticated attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site...
EUVD-2024-36556
Malicious code in bioql PyPI...
EUVD-2023-38324
Malicious code in bioql PyPI...
EUVD-2025-27736
Malicious code in bioql PyPI...
CVE-2025-27714
An attacker could exploit this vulnerability by uploading arbitrary files via a specific endpoint, leading to unauthorized remote code execution or system compromise...
CVE-2025-27714 INFINITT Healthcare INFINITT PACS Unrestricted Upload of File with Dangerous Type
An attacker could exploit this vulnerability by uploading arbitrary files via a specific endpoint, leading to unauthorized remote code execution or system compromise...
CVE-2025-27714
CVE-2025-27714 affects INFINITT PACS System Manager. The vulnerability arises from a flaw that allows uploading arbitrary files via a specific endpoint, which could lead to unauthorized remote code execution or system compromise. Public references consistently describe this as an arbitrary file u...
PT-2025-34276 · Infinitt Healthcare · Infinitt Pacs System Manager
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Affected versions not specified. Description: An attacker could exploit this vulnerability by uploading arbitrary files via a specific endpoint, potentially leading to unauthorized remote code execution o...
SUSE CVE-2024-37281
An issue was discovered in Kibana where a user with Viewer role could cause a Kibana instance to crash by sending a large number of maliciously crafted requests to a specific endpoint...
CVE-2024-37281
An issue was discovered in Kibana where a user with Viewer role could cause a Kibana instance to crash by sending a large number of maliciously crafted requests to a specific endpoint...
PT-2024-27445 · Elastic · Kibana
Name of the Vulnerable Software and Affected Versions: Kibana, affected versions not specified. Description: An issue was discovered where a user with Viewer role could cause a Kibana instance to crash by sending a large number of maliciously crafted requests to a specific endpoint. Recommendations...
Elastic Kibana Resource Management Error Vulnerability
Elastic Kibana is data visualization dashboard software from Elastic. A resource management error vulnerability exists in Kibana. An attacker can exploit this vulnerability by sending a large number of maliciously crafted requests to a specific endpoint, which can cause a Kibana instance t...
Umbraco Security Vulnerability
Umbraco is an open source content management system (CMS) written in C# from Umbraco, Denmark. A security vulnerability exists in Umbraco workflow versions prior to 10.3.9, 12.2.6, and 13.0.6, which stems from an Umbraco Backoffice user being able to modify a request from a specific API endpoint...
CVE-2023-42508
JFrog Artifactory prior to version 7.66.0 is vulnerable to specific endpoint abuse with a specially crafted payload, which can lead to unauthenticated users being able to send emails with a manipulated email body...
Siemens SINEMA Remote Connect Server has an unspecified vulnerability (CNVD-2022-45223)
SINEMA Remote Connect is a remote network management platform that makes it easy to manage tunneled connections (VPNs) between headquarters, service technicians, and installed machines or plants. A security vulnerability in Siemens SINEMA Remote Connect Server stems from the fact that the affected...