Cisco IOS XE Software Release 3E HTTP Server DoS (cisco-sa-ios-http-dos-sbv8XRpL)

According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A denial of service DoS vulnerability exists in Cisco IOS XE Software due to improper validation of user-supplied input. An authenticated remote attacker can exploit this issue, via sending malformed...

PT-2026-27799

Name of the Vulnerable Software and Affected Versions Cisco IOS Software and Cisco IOS XE Software Release 3E Description A flaw exists in the HTTP Server feature that could allow a remote attacker with valid user credentials to cause an unexpected device reload, leading to a denial of service Do...

PT-2025-49124

Name of the Vulnerable Software and Affected Versions Medtronic CareLink Network versions prior to December 4, 2025 Description An unauthenticated remote attacker can send a request to an API endpoint to obtain security questions. This could potentially reveal valid user accounts. Recommendations...

EUVD-2023-3194

Malicious code in bioql PyPI...

Improper Authorization

Overview Affected versions of this package are vulnerable to Improper Authorization via the toolsUploaderHandler function. An attacker can execute arbitrary code and compromise the integrity, confidentiality, and availability of the system by uploading malicious binaries through an authenticated...

CVE-2023-6837

Multiple WSO2 products have been identified as vulnerable to perform user impersonatoin using JIT provisioning. In order for this vulnerability to have any impact on your deployment, following conditions must be met: An IDP configured for federated authentication and JIT provisioning enabled with...

CVE-2022-47505 SolarWinds Platform Local Privilege Escalation Vulnerability

The SolarWinds Platform was susceptible to the Local Privilege Escalation Vulnerability. This vulnerability allows a local adversary with a valid system user account to escalate local privileges...

Fortinet Fortigate (FG-IR-22-444)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-444 advisory. - An improper restriction of excessive authentication attempts vulnerability CWE-307 in Fortinet FortiOS version 7.2.0 throug...

Protect

An improper restriction of excessive authentication attempts vulnerability CWE-307 in FortiOS & FortiProxy administrative interface may allow an attacker with a valid user account to perform brute-force attacks on other user accounts via injecting valid login sessions...

Tiny File Manager路径遍历漏洞

Tiny File Manager is a web-based open source file manager. A path traversal vulnerability in the tinyfilemanager.php file upload function in Tiny File Manager 2.4.1 allows remote attackers to upload malicious PHP files to the webroot using a valid user account and achieve code execution on the...

CVE-2021-2117

Vulnerability in the Oracle Application Express Survey Builder component of Oracle Database Server. The supported version that is affected is Prior to 20.2. Easily exploitable vulnerability allows low privileged attacker having Valid User Account privilege with network access via HTTP to compromi...

Microsoft IIS FTP Server NLST Command Remote Overflow

Added: 09/03/2009 CVE: CVE-2009-3023 BID: 36189 OSVDB: 57589 Background Microsoft Internet Information Server IIS includes a web server and an FTP server. Problem A stack overflow in the FTP server in IIS 5 and 6.0 via a crafted NLST command that uses wildcards allows remote authenticated users t...

Microsoft IIS FTP Server NLST Command Remote Overflow

Added: 09/03/2009 CVE: CVE-2009-3023 BID: 36189 OSVDB: 57589 Background Microsoft Internet Information Server IIS includes a web server and an FTP server. Problem A stack overflow in the FTP server in IIS 5 and 6.0 via a crafted NLST command that uses wildcards allows remote authenticated users t...