CVE-2026-6914 MD5 checksum creation may cause availability loss

Computing the MD5 checksum of a malformed BSON object under specific conditions may cause loss of availability in MongoDB server. This issue affects all MongoDB Server v8.2 versions, all MongoDB Server v8.1 versions, MongoDB Server v8.0 versions prior to 8.0.21, MongoDB Server v7.0 versions prior...

EUVD-2025-199532

Clients may successfully perform a TLS handshake with a MongoDB server despite presenting a client certificate not aligning with the documented Extended Key Usage EKU requirements. A certificate that specifies extendedKeyUsage but is missing extendedKeyUsage = clientAuth may still be successfully...

CVE-2025-41018

SQL injection in Sergestec's Exito v8.0. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'cat' parameter in '/public.php'...

EUVD-2023-48728

Malicious code in bioql PyPI...

EUVD-2023-48676

Malicious code in bioql PyPI...

CVE-2025-22926

An issue in OS4ED openSIS v8.0 through v9.1 allows attackers to execute a directory traversal by sending a crafted POST request to /Modules.php?modname=messaging/Inbox.php=save...

CVE-2023-44322

A vulnerability has been identified in RUGGEDCOM RM1224 LTE4G EU 6GK6108-4AM00-2BA2 All versions V8.0, RUGGEDCOM RM1224 LTE4G NAM 6GK6108-4AM00-2DA2 All versions V8.0, SCALANCE M804PB 6GK5804-0AP00-2AA2 All versions V8.0, SCALANCE M812-1 ADSL-Router 6GK5812-1AA00-2AA2 All versions V8.0, SCALANCE...

CVE-2024-30321

A vulnerability has been identified in SIMATIC PCS 7 V9.1 All versions V9.1 SP2 UC05, SIMATIC WinCC Runtime Professional V18 All versions V18 Update 5, SIMATIC WinCC Runtime Professional V19 All versions V19 Update 2, SIMATIC WinCC V7.4 All versions V7.4 SP1 Update 23, SIMATIC WinCC V7.5 All...

CVE-2024-37679

Cross Site Scripting vulnerability in Hangzhou Meisoft Information Technology Co., Ltd. Finesoft v.8.0 and before allows a remote attacker to execute arbitrary code via a crafted script to the login.jsp parameter...

CVE-2024-35504

A cross-site scripting XSS vulnerability in the login page of FineSoft v8.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the URL:errorname parameter after a failed login attempt...

CVE-2024-35504

A cross-site scripting XSS vulnerability in the login page of FineSoft v8.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the URL:errorname parameter after a failed login attempt...

CVE-2024-35504

A cross-site scripting XSS vulnerability in the login page of FineSoft v8.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the URL:errorname parameter after a failed login attempt...

CVE-2023-44322

A vulnerability has been identified in RUGGEDCOM RM1224 LTE4G EU 6GK6108-4AM00-2BA2 All versions V8.0, RUGGEDCOM RM1224 LTE4G NAM 6GK6108-4AM00-2DA2 All versions V8.0, SCALANCE M804PB 6GK5804-0AP00-2AA2 All versions V8.0, SCALANCE M812-1 ADSL-Router 6GK5812-1AA00-2AA2 All versions V8.0, SCALANCE...

CVE-2023-29809

SQL injection vulnerability found in Maximilian Vogt companymaps cmaps v.8.0 allows a remote attacker to execute arbitrary code via a crafted script in the request...

CVE-2023-31178

AgilePoint NX v8.0 SU2.2 & SU2.3 – Arbitrary File Delete Vulnerability allows arbitrary file deletion, by an unspecified request...

CVE-2023-31179

AgilePoint NX v8.0 SU2.2 & SU2.3 - Path traversal - Vulnerability allows path traversal and downloading files from the server, by an unspecified request...

CVE-2023-24507 AgilePoint NX v8.0 SU2.2 & SU2.3 – Insecure File Upload

AgilePoint NX v8.0 SU2.2 & SU2.3 – Insecure File Upload - Vulnerability allows insecure file upload, by an unspecified request...

CVE-2023-31179 AgilePoint NX v8.0 SU2.2 & SU2.3 - Path traversal

AgilePoint NX v8.0 SU2.2 & SU2.3 - Path traversal - Vulnerability allows path traversal and downloading files from the server, by an unspecified request...

CVE-2023-31179

AgilePoint NX v8.0 SU2.2 and SU2.3 are affected by a path traversal vulnerability that allows an attacker to download files from the server via an unspecified request. The published sources consistently cite path traversal in these versions; no fix version or remediation is provided in the connec...

CVE-2023-24507

Affected software: AgilePoint NX v8.0 SU2.2 and SU2.3. Vulnerability type: Insecure file upload. Details provided: Vulnerability allows insecure file upload via an unspecified request. The available sources do not reveal technical specifics beyond the insecure upload vector, root cause, or exact ...