CVE-2026-4220
CVE-2026-4220 affects Technologies Integrated Management Platform 7.17.0, with the flaw located in SetWebpagePic.jsp. The issue arises from manipulation of the targetPath/Suffix argument, resulting in unrestricted upload. The vulnerability is exploitable over a network with no user interaction, a...
CVE-2026-3823
EHG2408 series switch developed by Atop Technologies has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code...
EUVD-2026-10301
EHG2408 series switch developed by Atop Technologies has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code...
CVE-2026-3823
CVE-2026-3823 concerns Atop Technologies’ EHG2408 series switch. The vulnerability is described as a stack-based buffer overflow in the device, allowing unauthenticated remote attackers over the network to control the program’s execution flow and arbitrarily execute code. Per the connected docume...
CVE-2026-3823 Atop Technologies|EHG2408 series switch - Stack-based Buffer Overflow
EHG2408 series switch developed by Atop Technologies has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code...
PT-2026-24017
Name of the Vulnerable Software and Affected Versions: Atop Technologies EHG2408 series switch; Atop Technologies EHG2408-2SFP. Description: The EHG2408 series switch developed by Atop Technologies contains a Stack-based Buffer Overflow issue. This allows unauthenticated remote attackers to control t...
CVE-2025-11252
CVE-2025-11252 describes an SQL Injection flaw in Signum Technology Promotion and Training Inc.'s Windesk.Fm, caused by improper neutralization of special elements in SQL commands. Affected product: windesk.Fm (through 27022026). Impact as stated: high confidentiality, integrity, and availability...
CVE-2025-11252 SQLi in Signum Technologies' windesk.fm
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Signum Technology Promotion and Training Inc. Windesk.Fm allows SQL Injection. This issue affects windesk.Fm: before v2.3.4. NOTE: The vendor patched the vulnerability after the CVE was published...
CVE-2026-2998
ERP developed by eAI Technologies has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a crafted DLL file in the same directory as the program, thereby executing arbitrary code...
CVE-2026-2998 eAI Technologies|ERP - DLL Hijacking
ERP developed by eAI Technologies has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a crafted DLL file in the same directory as the program, thereby executing arbitrary code...
CVE-2026-2998
The CVE-2026-2998 entry concerns the ERP product developed by eAI Technologies and describes a DLL Hijacking vulnerability. According to the provided documents, an authenticated local attacker can place a crafted DLL file in the same directory as the ERP executable, leading to arbitrary code exec...
CVE-2025-7631
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Tumeva Internet Technologies Software Information Advertising and Consulting Services Trade Ltd. Co. Tumeva Prime News Software allows SQL Injection. This issue affects Tumeva Prime News Software:...
PT-2026-14: Integer underflow leads to Remote Code Execution in Yokogawa Centum VP
The vulnerability was identified in Centum VP, versions R1.07.00 or earlier. The discovered vulnerability allows an attacker to achieve remote code execution via an integer underflow that lets malicious input manipulate internal calculations and trigger execution of the code. Vulnerability status...
CVE-2025-10465 Unrestricted File Upload in Birtech Information Technologies' Sensaway
Unrestricted Upload of File with Dangerous Type vulnerability in Birtech Information Technologies Industry and Trade Ltd. Co. Sensaway allows Upload a Web Shell to a Web Server. This issue affects Sensaway: through 09022026. NOTE: Because the product was developed using outdated technology, the...