4239 matches found
CVE-2026-3823 Atop Technologies|EHG2408 series switch - Stack-based Buffer Overflow
EHG2408 series switch developed by Atop Technologies has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code...
PT-2026-24017
Name of the Vulnerable Software and Affected Versions Atop Technologies EHG2408 series switch Atop Technologies EHG2408-2SFP Description The EHG2408 series switch developed by Atop Technologies contains a Stack-based Buffer Overflow issue. This allows unauthenticated remote attackers to control t...
CVE-2025-11252 SQLi in Signum Technologies' windesk.fm
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Signum Technology Promotion and Training Inc. Windesk.Fm allows SQL Injection. This issue affects windesk.Fm: before v2.3.4. NOTE: The vendor patched the vulnerability after the CVE was published...
CVE-2025-11252 SQLi in Signum Technologies' windesk.fm
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Signum Technology Promotion and Training Inc. Windesk.Fm allows SQL Injection. This issue affects windesk.Fm: before v2.3.4. NOTE: The vendor patched the vulnerability after the CVE was published...
CVE-2025-11252
CVE-2025-11252 describes an SQL Injection flaw in Signum Technology Promotion and Training Inc.'s Windesk.Fm, caused by improper neutralization of special elements in SQL commands. Affected product: windesk.Fm (through 27022026). Impact as stated: high confidentiality, integrity, and availability...
CVE-2026-2998
ERP developed by eAI Technologies has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a crafted DLL file in the same directory as the program, thereby executing arbitrary code...
CVE-2026-2998 eAI Technologies|ERP - DLL Hijacking
ERP developed by eAI Technologies has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a crafted DLL file in the same directory as the program, thereby executing arbitrary code...
CVE-2026-2998
The CVE-2026-2998 entry concerns the ERP product developed by eAI Technologies and describes a DLL Hijacking vulnerability. According to the provided documents, an authenticated local attacker can place a crafted DLL file in the same directory as the ERP executable, leading to arbitrary code exec...
CVE-2026-2998 eAI Technologies|ERP - DLL Hijacking
ERP developed by eAI Technologies has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a crafted DLL file in the same directory as the program, thereby executing arbitrary code...
CVE-2025-7631
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Tumeva Internet Technologies Software Information Advertising and Consulting Services Trade Ltd. Co. Tumeva Prime News Software allows SQL Injection. This issue affects Tumeva Prime News Software:...
PT-2026-14: Integer underflow leads to Remote Code Execution in Yokogawa Centum VP
The vulnerability was identified in Centum VP, versions R1.07.00 or earlier. The discovered vulnerability allows an attacker to achieve remote code execution via an integer underflow that lets malicious input manipulate internal calculations and trigger execution of the code. Vulnerability status...
CVE-2025-10465 Unrestricted File Upload in Birtech Information Technologies' Sensaway
Unrestricted Upload of File with Dangerous Type vulnerability in Birtech Information Technologies Industry and Trade Ltd. Co. Sensaway allows Upload a Web Shell to a Web Server. This issue affects Sensaway: through 09022026. NOTE: Because the product was developed using outdated technology, the...
CVE-2025-10465 Unrestricted File Upload in Birtech Information Technologies' Sensaway
Unrestricted Upload of File with Dangerous Type vulnerability in Birtech Information Technologies Industry and Trade Ltd. Co. Sensaway allows Upload a Web Shell to a Web Server. This issue affects Sensaway: through 09022026. NOTE: Because the product was developed using outdated technology, the...
CVE-2025-10464 Cleartext password storage in Birtech Information Technologies' Sensaway
Insecure Storage of Sensitive Information vulnerability in Birtech Information Technologies Industry and Trade Ltd. Co. Senseway allows Retrieve Embedded Sensitive Data. This issue affects Senseway: through 09022026. NOTE: Because the product was developed using outdated technology, the...
CVE-2025-10464
The CVE-2025-10464 entry concerns Birtech Information Technologies’ Senseway application, describing an Insecure Storage of Sensitive Information vulnerability that enables retrieval of embedded sensitive data (explicitly noted as cleartext password storage in the CVE listing). Affected release a...
CVE-2025-10464 Cleartext password storage in Birtech Information Technologies' Sensaway
Insecure Storage of Sensitive Information vulnerability in Birtech Information Technologies Industry and Trade Ltd. Co. Senseway allows Retrieve Embedded Sensitive Data. This issue affects Senseway: through 09022026. NOTE: Because the product was developed using outdated technology, the...
CVE-2025-10463
Improper Authentication vulnerability in Birtech Information Technologies Industry and Trade Ltd. Co. Senseway allows Authentication Abuse. This issue affects Senseway: through 09022026. NOTE: Because the product was developed using outdated technology, the manufacturer is unable to fix the...
CVE-2025-10463 Improper Authentication in Birtech Information Technologies' Sensaway
Improper Authentication vulnerability in Birtech Information Technologies Industry and Trade Ltd. Co. Senseway allows Authentication Abuse. This issue affects Senseway: through 09022026. NOTE: Because the product was developed using outdated technology, the manufacturer is unable to fix the...
CVE-2025-10463 Improper Authentication in Birtech Information Technologies' Sensaway
Improper Authentication vulnerability in Birtech Information Technologies Industry and Trade Ltd. Co. Senseway allows Authentication Abuse. This issue affects Senseway: through 09022026. NOTE: Because the product was developed using outdated technology, the manufacturer is unable to fix the...
CVE-2025-7799
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Zirve Information Technologies Inc. E-Taxpayer Accounting Website allows Reflected XSS. This issue affects e-Taxpayer Accounting Website: through 07082025...