Linux Distros Unpatched Vulnerability : CVE-2026-11208

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a...

Linux Distros Unpatched Vulnerability : CVE-2017-12445

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The JB2BitmapCoder::coderowbyrefinement function in jb2/bmpcoder.cpp in minidjvu 0.8 can cause a denial of service invalid memory read and application crash via...

Linux Distros Unpatched Vulnerability : CVE-2025-46393

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In multispectral MIFF image processing in ImageMagick before 7.1.1-44, packetsize is mishandled related to the rendering of all channels in an arbitrary order...

jshERP 安全漏洞

jshERP Huaxia ERP is a homegrown ERP system by the individual developer of Ji Sheng Hua in China. A security vulnerability exists in jshERP version v3.5, which stems from improper access control in the RoleController.java component and could lead to modification of vendor status...

Linux Distros Unpatched Vulnerability : CVE-2021-47030

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mt76: mt7615: fix memory leak in mt7615coredumpwork Similar to the issue fixed in...

Linux Distros Unpatched Vulnerability : CVE-2024-5701

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory safety bugs present in Firefox 126. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could ha...

Linux Distros Unpatched Vulnerability : CVE-2022-50083

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: add EXT4INODEHASXATTRSPACE macro in xattr.h When adding an xattr to an inode, we must ensure that the inodesize is not less than EXT4GOODOLDINODESIZE +...

Linux Distros Unpatched Vulnerability : CVE-2024-56553

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: binder: fix memleak of proc-deliveredfreeze If a freeze notification is cleared with...

ABB Cylon Aspect 3.08.03 (logYumLookup.php) Hybrid Path Traversal

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB Cylon Aspect BAS controller is vulnerable to an authenticated...

ABB Cylon Aspect Studio 3.08.03 Insecure Permissions

Summary ABB Cylon ASPECT Studio is a graphical programming tool and integrated development environment IDE for ABB Cylon ASPECT products. It's used to engineer comprehensive area control and graphical user interface GUI solutions, containing a library of logical and graphical widgets. It allows...

Linux Distros Unpatched Vulnerability : CVE-2018-25033

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ADMesh through 0.98.4 has a heap-based buffer over-read in stlupdateconnectsremove1 called from stlremovedegenerate in connect.c in libadmesh.a. CVE-2018-25033...

ABB Cylon Aspect 3.08.01 (diagLateThread.php) Information Disclosure

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an unauthenticated informatio...

ABB Cylon Aspect 3.08.01 (jsonProxy.php) Username Enumeration

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The jsonProxy.php endpoint on the ABB BMS/BAS controller is vulnerabl...

ABB Cylon Aspect 3.08.02 (logYumLookup.php) Authenticated File Disclosure

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The building management system suffers from an authenticated arbitrar...

ABB Cylon Aspect 3.08.01 (persistenceManagerAjax.php) Remote Code Execution

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an unauthenticated OS command...

ABB Cylon Aspect 3.08.00 (yumSettings.php) Remote Code Execution

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an authenticated OS command...

ABB Cylon Aspect 3.07.02 (sshUpdate.php) Unauthenticated Remote SSH Service Control

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The BMS/BAS controller suffers from a vulnerability that allows an...

Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Device Config

Summary ESE Elber Satellite Equipment product line, designed for the high-end radio contribution and distribution market, where quality and reliability are most important. The Elber IRD Integrated Receiver Decoder ESE-01 offers a professional audio quality and composite video at an excellent...

Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Device Config

Summary The SIGNUM controller from Elber satellite equipment demodulates one or two DVB-S/ S2 signals up to 32APSK single/multi-stream, achieving 256 KS/s as minimum symbol rate. The TS demodulated signals can be aligned and configured in 1+1 seamless switching for redundancy. Redundancy can also...

JVN#77203800: OET-213H-BTS1 missing authorization check in the initial configuration

OET-213H-BTS1 is a digital temperature measurement and face recognition terminal, developed by Zhejiang Uniview Technologies Co.,Ltd and provided by Atsumi Electric Co., Ltd. The initial configuration of the product is ​insecure CWE-1188, it does not perform an authorization check when processing...