CVE-2025-61431

A reflected cross-site scripted XSS vulnerability in the /jsp/gsfrfeditorHTML.jsp endpoint of Zucchetti ZMaintenance Infinity and Infinity Zucchetti v4.1 and earlier allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into the...

EUVD-2020-20590

Malware in sbrugna...

CVE-2025-40796

A vulnerability has been identified in SIMATIC PCS neo V4.1 All versions, SIMATIC PCS neo V5.0 All versions, SIMATIC PCS neo V6.0 All versions, User Management Component UMC All versions V2.15.1.3. Affected products contain a out-of-bounds read vulnerability in the integrated UMC component. This...

CVE-2025-40796

The CVE-2025-40796 entry affects Siemens SIMATIC PCS neo (V4.1, V5.0, V6.0 all versions) and the User Management Component (UMC) (all versions

Siemens SIMATIC PCS neo和Siemens User Management Component 缓冲区错误漏洞

Siemens SIMATIC PCS neo and Siemens User Management Component are both products of Siemens, Germany.Siemens SIMATIC PCS neo is a distributed control system.Siemens User Management The Siemens SIMATIC PCS neo is a distributed control system, and the Siemens User Management Component is a component...

CVE-2020-28102

cscms v4.1 allows for SQL injection via the "jsdel" function...

CVE-2024-25254

SuperScan v4.1 was discovered to contain a buffer overflow via the Hostname/IP parameter...

CVE-2024-25254

SuperScan v4.1 was discovered to contain a buffer overflow via the Hostname/IP parameter...

CVE-2024-25254

SuperScan v4.1 was discovered to contain a buffer overflow via the Hostname/IP parameter...

CVE-2024-25254

CVE-2024-25254 affects SuperScan v4.1, with a buffer overflow via the Hostname/IP parameter. The issue is described as a critical/remote flaw impacting confidentiality, integrity, and availability (CVSS 9.8, Network vector). Remediation guidance across connected sources includes applying a patch ...

CVE-2021-47179 NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return()

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix a NULL pointer dereference in pnfsmarkmatchinglsegsreturn Commit de144ff4234f changes pnfsreturnlayout to call pnfsmarkmatchinglsegsreturn passing NULL as the struct pnfslayoutrange argument. Unfortunately,...

CVE-2021-47179

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix a NULL pointer dereference in pnfsmarkmatchinglsegsreturn Commit de144ff4234f changes pnfsreturnlayout to call pnfsmarkmatchinglsegsreturn passing NULL as the struct pnfslayoutrange argument. Unfortunately,...

Moxa EDR-810 Service Agent Denial of Service (CVE-2017-14438)

Exploitable denial of service vulnerabilities exists in the Service Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted packet can cause a denial of service. An attacker can send a large packet to 4000/tcp to trigger this vulnerability. This plugin only works with...

Moxa EDR-810 Plaintext Password Storage (CVE-2017-12127)

A password storage vulnerability exists in the operating system functionality of Moxa EDR-810 V4.1 build 17030317. An attacker with shell access could extract passwords in clear text from the device. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot...

Moxa EDR-810 Web Server URI Denial of Service (CVE-2017-12124)

An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in the web server crashing. An attacker can send a crafted URI to trigger this vulnerability. This...

Moxa EDR-810 Web Server OpenVPN Config Command Injection (CVE-2017-14433)

An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into the remoteNetwork0= parameter in the...

SUSE SLES15 / openSUSE 15 Security Update : iniparser (SUSE-SU-2023:2749-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2749-1 advisory. - iniparser v4.1 is vulnerable to NULL Pointer Dereference in function iniparsergetlongint which misses check NULL for functio...

CVE-2023-33461

iniparser v4.1 is vulnerable to NULL Pointer Dereference in function iniparsergetlongint which misses check NULL for function iniparsergetstring's return...

CVE-2023-33461

iniparser v4.1 is vulnerable to NULL Pointer Dereference in function iniparsergetlongint which misses check NULL for function iniparsergetstring's return...

Null pointer dereference

iniparser v4.1 is vulnerable to NULL Pointer Dereference in function iniparsergetlongint which misses check NULL for function iniparsergetstring's return...