CVE-2026-4169 Tecnick TCExam XML Export tce_xml_users.php F_xml_export_users cross site scripting

A security flaw has been discovered in Tecnick TCExam up to 16.6.0. Affected is the function Fxmlexportusers of the file admin/code/tcexmlusers.php of the component XML Export. Performing a manipulation results in cross site scripting. Remote exploitation of the attack is possible. There are stil...

SHARP MFPs Out-of-Bounds Vulnerabilities (CVE-2024-43424)

Sharp and Toshiba Tec MFPs improperly process HTTP request headers, resulting in an Out-of-bounds Read vulnerability. Crafted HTTP requests may cause affected products crashed. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

SHARP MFPs Cross-Site Scripting (CVE-2024-47801)

Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, resulting in a reflected cross-site scripting vulnerability. Accessing a crafted URL which points to an affected product may cause malicious script executed on the web browser. This plugin only works with Tenable.ot...

SHARP MFPs Out-of-Bounds Vulnerabilities (CVE-2024-45829)

Sharp and Toshiba Tec MFPs provide the web page to download data, where query parameters in HTTP requests are improperly processed and resulting in an Out-of-bounds Read vulnerability. Crafted HTTP requests may cause affected products crashed. This plugin only works with Tenable.ot. Please visit...

SHARP MFPs Traversal Vulnerability (CVE-2024-45842)

Sharp and Toshiba Tec MFPs improperly process URI data in HTTP PUT requests resulting in a path Traversal vulnerability. Unintended internal files may be retrieved when processing crafted HTTP requests. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-...

SHARP MFPs Out-of-Bounds Vulnerabilities (CVE-2024-42420)

Sharp and Toshiba Tec MFPs contain multiple Out-of-bounds Read vulnerabilities, due to improper processing of keyword search input and improper processing of SOAP messages. Crafted HTTP requests may cause affected products crashed. This plugin only works with Tenable.ot. Please visit...

SHARP MFPs Authentication Bypass (CVE-2024-47406)

Sharp and Toshiba Tec MFPs improperly process HTTP authentication requests, resulting in an authentication bypass vulnerability. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

SHARP MFPs HTTP Header Injection (CVE-2024-47549)

Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, which may allow contamination of unintended data to HTTP response headers. Accessing a crafted URL which points to an affected product may cause malicious script executed on the web browser. This plugin only works wi...

CVE-2022-4983 TEC-IT TBarCode SDK 11.15 Remote File Create

TEC-IT TBarCode version 11.15 contains a vulnerability in the TBarCode11.ocx ActiveX/OCX control's licensing handling INI-file based that can be abused to cause remote creation of files on the host filesystem. Depending on where files can be created and which filenames are allowed, this can allow...

CVE-2022-4983

The CVE-2022-4983 issue affects TEC-IT TBarCode 11.15, specifically the TBarCode11.ocx ActiveX/OCX control’s INI-based licensing handling. Reported as enabling remote creation of files on the host filesystem, the vulnerability can lead to code execution or persistence within the hosting process c...

TEC-IT TBarCode 安全漏洞

TEC-IT TBarCode is a series of barcode generation software from TEC-IT Austria. A security vulnerability exists in TEC-IT TBarCode version 11.15, which stems from a problem with the license handling of the TBarCode11.ocx ActiveX/OCX control, which could lead to remote file creation...

PT-2025-44592

Name of the Vulnerable Software and Affected Versions The Events Calendar plugin for WordPress versions through 6.15.9 Description The The Events Calendar plugin for WordPress is susceptible to unauthorized access. A missing capability check on the tec qr code modal API endpoint allows...

EUVD-2014-2042

Malware in sbrugna...

EUVD-2024-39614

Malicious code in bioql PyPI...

EUVD-2024-42693

Malicious code in bioql PyPI...

EUVD-2024-41622

Malicious code in bioql PyPI...

EUVD-2024-36336

Malicious code in bioql PyPI...

EUVD-2024-42435

Malicious code in bioql PyPI...

EUVD-2024-42518

Malicious code in bioql PyPI...

CVE-2024-51984 Authenticated disclosure of external service passwords via pass-back attack affecting multiple models from Brother Industries, Ltd, FUJIFILM Business Innovation, Ricoh, Toshiba Tec, and Konica Minolta, Inc.

An authenticated attacker can reconfigure the target device to use an external service such as LDAP or FTP controlled by the attacker. If an existing password is present for an external service, the attacker can force the target device to authenticate to an attacker controlled device using the...