6 matches found
Missing authorization in the OpenAI thread/message API endpoints of GROWI
Overview GROWI provided by GROWI, Inc. contains the following vulnerability. Missing authorization in the OpenAI thread/message API endpoints CWE-862 - CVE-2026-25083 This can be exploited only when an attacker knows a shared AI assistant's identifier Sho Odagiri of GMO Cybersecurity by Ierae, In...
CVE-2024-22063
The ZENIC ONE R58 products by ZTE Corporation have a command injection vulnerability. An authenticated attacker can exploit this vulnerability to tamper with messages, inject malicious code, and subsequently launch attacks on related devices...
ZTE ZENIC ONE R58 安全漏洞
ZTE ZENIC ONE R58 is a software product of ZTE Corporation ZTE, China. A security vulnerability exists in ZTE ZENIC ONE R58. An attacker exploiting this vulnerability could tamper with messages, inject malicious code, and then launch an attack on the device in question...
Unspecified vulnerability in Ypsomed mylife App and mylife Cloud (CNVD-2021-69616)
Ypsomed mylife App is an application of Ypsomed AG. To optimize communication between people with diabetes and healthcare professionals, mylife Therapy Management is an easy-to-use, easy-to-share solution for diabetes therapy data. mylife App and mylife Cloud have a security vulnerability that...
Ypsomed mylife App trust management issue vulnerability
Ypsomed mylife App is an application of Ypsomed AG. To optimize communication between people with diabetes and healthcare professionals, mylife Therapy Management is an easy-to-use, easy-to-share solution for diabetes therapy data. mylife App is vulnerable to a trust management issue, which stems...
Fortinet FortiMail 数据伪造问题漏洞
Fortinet FortiMail is a set of e-mail security gateway products of the U.S. Fita Fortinet. The product provides e-mail security and data protection features. Fortinet FortiMail has a security vulnerability that allows an unauthenticated attacker to intercept encrypted messages, making it possible...