
4227 matches found

CVE
added 2026/03/16 6:2 a.m., 12 views

CVE-2026-4220

CVE-2026-4220 affects Technologies Integrated Management Platform 7.17.0, with the flaw located in SetWebpagePic.jsp. The issue arises from manipulation of the targetPath/Suffix argument, resulting in unrestricted upload. The vulnerability is exploitable over a network with no user interaction, a...

CVSS 7.5, AI score 6.6, EPSS 0.00309
Exploits: 0, References: 4

RedhatCVE
added 2026/03/10 8:9 a.m., 5 views

CVE-2026-3823

EHG2408 series switch developed by Atop Technologies has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code...

CVSS 9.8, AI score 6.1, EPSS 0.00679
Exploits: 0, References: 1

EUVD
added 2026/03/09 9:30 a.m., 8 views

EUVD-2026-10301

EHG2408 series switch developed by Atop Technologies has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code...

CVSS 9.3, AI score 6.1, EPSS 0.00679
Exploits: 0, References: 3

NVD
added 2026/03/09 7:16 a.m., 11 views

CVE-2026-3823

EHG2408 series switch developed by Atop Technologies has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code...

CVSS 9.8, EPSS 0.00679
Exploits: 0, References: 2

OSV
added 2026/03/09 7:16 a.m., 4 views

CVE-2026-3823

EHG2408 series switch developed by Atop Technologies has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code...

CVSS 9.8, AI score 6.2
Exploits: 0, References: 2

CVE
added 2026/03/09 6:23 a.m., 19 views

CVE-2026-3823

CVE-2026-3823 concerns Atop Technologies’ EHG2408 series switch. The vulnerability is described as a stack-based buffer overflow in the device, allowing unauthenticated remote attackers over the network to control the program’s execution flow and arbitrarily execute code. Per the connected docume...

CVSS 9.8, AI score 6.1, EPSS 0.00679
Exploits: 0, References: 2, Affected Software: 1

Cvelist
added 2026/03/09 6:23 a.m., 25 views

CVE-2026-3823 Atop Technologies|EHG2408 series switch - Stack-based Buffer Overflow

EHG2408 series switch developed by Atop Technologies has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code...

CVSS 9.3, EPSS 0.00679
Exploits: 0, References: 2

ATTACKERKB
added 2026/03/09 6:23 a.m., 2 views

CVE-2026-3823

EHG2408 series switch developed by Atop Technologies has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code...

CVSS 9.3, AI score 6.1, EPSS 0.00679
Exploits: 0, References: 3

Vulnrichment
added 2026/03/09 6:23 a.m., 3 views

CVE-2026-3823 Atop Technologies|EHG2408 series switch - Stack-based Buffer Overflow

EHG2408 series switch developed by Atop Technologies has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code...

CVSS 9.3, AI score 6.1, EPSS 0.00679
Exploits: 0, References: 2

Positive Technologies
added 2026/03/09 12:0 a.m., 4 views

PT-2026-24017

Name of the Vulnerable Software and Affected Versions Atop Technologies EHG2408 series switch Atop Technologies EHG2408-2SFP Description The EHG2408 series switch developed by Atop Technologies contains a Stack-based Buffer Overflow issue. This allows unauthenticated remote attackers to control t...

CVSS 9.8, AI score 6.1, EPSS 0.00679
Exploits: 0, References: 14

CVE
added 2026/02/27 12:32 p.m., 13 views

CVE-2025-11252

CVE-2025-11252 describes an SQL Injection flaw in Signum Technology Promotion and Training Inc.'s Windesk.Fm, caused by improper neutralization of special elements in SQL commands. Affected product: windesk.Fm (through 27022026). Impact as stated: high confidentiality, integrity, and availability...

CVSS 9.8, AI score 5.6, EPSS 0.00388
Exploits: 0, References: 2, Affected Software: 1

Vulnrichment
added 2026/02/27 12:32 p.m., 3 views

CVE-2025-11252 SQLi in Signum Technologies' windesk.fm

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Signum Technology Promotion and Training Inc. Windesk.Fm allows SQL Injection. This issue affects windesk.Fm: before v2.3.4. NOTE: The vendor patched the vulnerability after the CVE was published...

CVSS 9.8, AI score 5.8, EPSS 0.00388
Exploits: 0, References: 2

Cvelist
added 2026/02/27 12:32 p.m., 25 views

CVE-2025-11252 SQLi in Signum Technologies' windesk.fm

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Signum Technology Promotion and Training Inc. Windesk.Fm allows SQL Injection. This issue affects windesk.Fm: before v2.3.4. NOTE: The vendor patched the vulnerability after the CVE was published...

CVSS 9.8, EPSS 0.00388
Exploits: 0, References: 2

NVD
added 2026/02/23 4:16 a.m., 7 views

CVE-2026-2998

ERP developed by eAI Technologies has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a crafted DLL file in the same directory as the program, thereby executing arbitrary code...

CVSS 8.5, EPSS 0.00107
Exploits: 0, References: 2

Cvelist
added 2026/02/23 2:42 a.m., 24 views

CVE-2026-2998 eAI Technologies|ERP - DLL Hijacking

ERP developed by eAI Technologies has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a crafted DLL file in the same directory as the program, thereby executing arbitrary code...

CVSS 8.5, EPSS 0.00107
Exploits: 0, References: 2

CVE
added 2026/02/23 2:42 a.m., 16 views

CVE-2026-2998

The CVE-2026-2998 entry concerns the ERP product developed by eAI Technologies and describes a DLL Hijacking vulnerability. According to the provided documents, an authenticated local attacker can place a crafted DLL file in the same directory as the ERP executable, leading to arbitrary code exec...

CVSS 8.5, AI score 5.8, EPSS 0.00107
Exploits: 0, References: 2

Vulnrichment
added 2026/02/23 2:42 a.m., 3 views

CVE-2026-2998 eAI Technologies|ERP - DLL Hijacking

ERP developed by eAI Technologies has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a crafted DLL file in the same directory as the program, thereby executing arbitrary code...

CVSS 8.5, AI score 5.6, EPSS 0.00107
Exploits: 0, References: 2

NVD
added 2026/02/17 12:16 p.m., 12 views

CVE-2025-7631

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Tumeva Internet Technologies Software Information Advertising and Consulting Services Trade Ltd. Co. Tumeva Prime News Software allows SQL Injection. This issue affects Tumeva Prime News Software:...

CVSS 8.6, EPSS 0.00272
Exploits: 0, References: 2

Positive Technologies
added 2026/02/13 12:0 a.m., 9 views

PT-2026-14: Integer underflow leads to Remote Code Execution in Yokogawa Centum VP

The vulnerability was identified in Centum VP, versions R1.07.00 or earlier. The discovered vulnerability allows an attacker to achieve remote code execution via an integer underflow that lets malicious input manipulate internal calculations and trigger execution of the code. Vulnerability status...

CVSS 8.2, AI score 6.4, EPSS 0.00191
Exploits: 0, References: 2

Cvelist
added 2026/02/09 12:57 p.m., 29 views

CVE-2025-10465 Unrestricted File Upload in Birtech Information Technologies' Sensaway

Unrestricted Upload of File with Dangerous Type vulnerability in Birtech Information Technologies Industry and Trade Ltd. Co. Sensaway allows Upload a Web Shell to a Web Server. This issue affects Sensaway: through 09022026. NOTE: Because the product was developed using outdated technology, the...

CVSS 8.8, EPSS 0.00389
Exploits: 0, References: 2