CVE-2026-6914 MD5 checksum creation may cause availability loss
Computing the MD5 checksum of a malformed BSON object under specific conditions may cause loss of availability in MongoDB server. This issue affects all MongoDB Server v8.2 versions, all MongoDB Server v8.1 versions, MongoDB Server v8.0 versions prior to 8.0.21, MongoDB Server v7.0 versions prior...
EUVD-2025-199532
Clients may successfully perform a TLS handshake with a MongoDB server despite presenting a client certificate not aligning with the documented Extended Key Usage (EKU) requirements. A certificate that specifies extendedKeyUsage but is missing extendedKeyUsage = clientAuth may still be successfully...
EUVD-2024-44949
Malicious code in bioql PyPI...
CVE-2024-50561
A vulnerability has been identified in RUGGEDCOM RM1224 LTE4G EU 6GK6108-4AM00-2BA2 All versions V8.2, RUGGEDCOM RM1224 LTE4G NAM 6GK6108-4AM00-2DA2 All versions V8.2, SCALANCE M804PB 6GK5804-0AP00-2AA2 All versions V8.2, SCALANCE M812-1 ADSL-Router 6GK5812-1AA00-2AA2 All versions V8.2, SCALANCE...
Siemens SCALANCE M-800 Family Improper Neutralization of Special Elements in Output Used By a Downstream Component (CVE-2024-50572)
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
CVE-2024-36699
Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...
CVE-2024-36699
The connected records indicate a vulnerability in GNU Debugger (GDB) affecting versions 8.2 through 14.2, caused by a buffer overflow in gdb.selected_inferior().read_memory within utils.c. Red Hat notes a buffer overflow in this component; SUSE and OSV references reinforce the issue as CVE-2024-3...
CVE-2021-40363
A vulnerability has been identified in SIMATIC PCS 7 V8.2 All versions, SIMATIC PCS 7 V9.0 All versions, SIMATIC PCS 7 V9.1 All versions V9.1 SP1, SIMATIC WinCC V15 and earlier All versions V15 SP1 Update 7, SIMATIC WinCC V16 All versions V16 Update 5, SIMATIC WinCC V17 All versions V17 Update 2,...
CVE-2021-20845
CVE-2021-20845 affects Unlimited Sitemap Generator (XML-Sitemaps): CSRF vulnerability in versions prior to 8.2 allows an attacker to hijack an administrator’s session and perform arbitrary actions via a crafted page. The issue arises from insufficient CSRF protections in the web interface, enabli...
Security Bulletin: IBM Security Guardium has released patch in response to the vulnerabilities known as Spectre and Meltdown
Summary: IBM has released the following patch for IBM Security Guardium in response to CVE-2017-5753, CVE-2017-5715 and CVE-2017-5754. Vulnerability Details: CVEID: CVE-2017-5753, CVEID: CVE-2017-5715, CVEID: CVE-2017-5754. Affected Products and Versions: IBM Security Guardium V8.2, IBM Security Guardium...
Security Bulletin: Privilege escalation vulnerability affects IBM Security Guardium (CVE-2017-1122)
Summary: IBM Security Guardium contains a vulnerability that could allow a local attacker with CLI access to inject arbitrary commands which would be executed as root. IBM Security Guardium has addressed this issue. Vulnerability Details: CVEID: CVE-2017-1122. DESCRIPTION: IBM Security Guardium...
Security Bulletin: IBM Security Guardium is affected by Linux kernel privesc: Dirty COW vulnerability (CVE-2016-5195)
Summary: Linux Kernel could allow a local attacker to gain elevated privileges on the system, caused by a race condition when handling the copy-on-write (COW) breakage of private read-only memory mappings by the memory subsystem. IBM Security Guardium has provided a fix for this vulnerability...
Sql injection
A SQL Injection issue was discovered in Advantech WebAccess/SCADA versions prior to V8.220170817. WebAccess/SCADA does not properly sanitize its inputs for SQL commands...
Siemens LOGO! Soft Comfort
CVSS v3 5.9 ATTENTION: Remotely exploitable. Vendor: Siemens Equipment: LOGO! Soft Comfort Vulnerability: Download of Code without Integrity Check AFFECTED PRODUCTS Siemens reports that the vulnerability affects the following LOGO! Soft Comfort engineering software products: LOGO! Soft Comfort: A...
CVE-2017-14023
CVE-2017-14023 affects Siemens SIMATIC PCS 7 (V8.1 up to SP1 with WinCC V7.3 Upd 13, and V8.2 all versions). The issue is improper input validation that may allow an authenticated remote attacker in the administrators group to crash services by sending specially crafted messages to the DCOM inter...
Diy-Page v8.2 0day - vulnerability warning - the black bar safety net
Release date: 2011-2-2. Affected versions: v8.2. Program description: DiY-Page was founded at the end of February 2005 and is a new-concept custom portal system with which you can easily turn a forum into a quasi-portal site. Initially it is by the software authors on the sit...
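DiY-Page multiple vulnerabilities
The Diy-Page v8.2 program has multiple vulnerabilities, including local file inclusion vulnerabilities, upload vulnerabilities, cross-site vulnerabilities, etc. /inc/func.php 02 function getuploadfilename$realname 03 $exttmp=explode".",$realname; 04 $ext=$exttmpcount$exttmp-1; …… (Editors, please help: a lot of the sensitive code was filtered out by sebug.) getuploadfilename replaces asp, asa and php suffixes in attachment names with an empty string; strreplace can be bypassed using uppercase. v8.2 strictly filters data...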
Diy-Page v8.2 two injection vulnerabilities analysis (reference EXP) - vulnerability warning - the black bar safety net
DiY-Page was founded at the end of February 2005 and is a new-concept custom portal system with which you can easily turn a forum into a quasi-portal site. Initially it is by the software authors on the site since the creation of the home program improved, and through continuous...
MyOWNspace v8.2 local file include & File Disclosure Vulnerability
Exploit for php platform in category web applications. MyOWNspace v8.2 local file include & File Disclosure Vulnerability. Exploit Title: MyOWNspace v8.2 local file...
MyOWNspace v8.2 multi local file include
Exploit for php platform in category web applications. MyOWNspace v8.2 multi local file include. Topic : MyOWNspacev8.2 Bug type : multi loca...