23 matches found
CVE-2025-51986
An issue was discovered in the demo/LINUXTCP implementation of cwalter-at freemodbus v.2018-09-12 allowing attackers to reach an infinite loop via a crafted length value for a packet...
PT-2024-24125 · Unknown · Freemodbus
Name of the Vulnerable Software and Affected Versions: freemodbus version 2018-09-12 Description: A Buffer Overflow issue allows a remote attacker to cause a denial of service via the LINUXTCP server component. Recommendations: For version 2018-09-12, as a temporary workaround, consider disabling...
CVE-2023-31274
AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could allow an unauthenticated user to cause the PI Message Subsystem of a PI Server to consume available memory resulting in throttled processing of new PI Data Archive events and a partial denial-of-service...
Contiki-NG Security Vulnerability
Contiki-NG is an open source cross-platform operating system for next-generation IoT (Internet of Things) devices. A security vulnerability exists in Contiki-NG tinyDTLS version 2018-08-30 and prior versions, which stems from a vulnerability in the DTLS server that allows a remote attacker to reuse...
PT-2023-26145 · Unknown · Paulprinting Cms
Name of the Vulnerable Software and Affected Versions: PaulPrinting CMS version 2018 Description: A vulnerability was found in the software, allowing for cross-site scripting through the manipulation of the firstname, lastname, address, city, and state arguments. The attack can be launched...
CVE-2022-30528
SQL Injection vulnerability in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to execute arbitrary commands via the username parameter to /system/user/modules/modusers/controller.php...
Autodesk Design Review Buffer Error Vulnerability
Autodesk Design Review (ADR) is an AutoCAD drafting companion application from the American company Autodesk. The software supports viewing, marking, measuring, printing, and tracking changes to 2D and 3D design files. A security vulnerability exists in Autodesk Design Review version...
Adobe ColdFusion Path Traversal Vulnerability
Adobe ColdFusion is a rapid application development platform from the American company Adobe. The platform includes an integrated development environment and a scripting language. A path traversal vulnerability exists in Adobe ColdFusion versions 2018 and 2021, which stems from an...
nursequest Path Traversal Vulnerability
nursequest is a management system for nurses' tasks by Romain Vincent, an individual developer in France. A security vulnerability exists in nursequest version 2018-02-22 and earlier versions, which stems from an incorrect call to Flask's send_file function resulting in absolute path traversal...
PythonWeb Path Traversal Vulnerability
PythonWeb is a repository. A security vulnerability exists in PythonWeb version 2018-10-31 and earlier, which stems from an incorrect call to Flask's send_file function resulting in absolute path traversal...
CVE-2021-31820
In Octopus Server after version 2018.8.2, if the Octopus Server Web Request Proxy is configured with authentication, the password is shown in plaintext in the UI...
Blackboard Learn bb-auth-provider-cas authentication module input validation error vulnerability
Blackboard Learn is a learning management system from Blackboard, Inc. bb-auth-provider-cas authentication is one of the authentication modules. A security vulnerability exists in the bb-auth-provider-cas authentication module in Blackboard Learn version 2018-07-02. An attacker could exploit this...
CVE-2018-17305
UiPath Orchestrator through 2018.2.4 allows any authenticated user to change the information of arbitrary users, even administrators, leading to privilege escalation and remote code execution...
CVE-2019-4008
API Connect V2018.1 through 2018.4.1.1 is impacted by access token leak. Authorization tokens in some URLs can result in the tokens being written to log files. IBM X-Force ID: 155626...
Sales & Company Management System Cross-Site Request Forgery Vulnerability
Sales & Company Management System (SCMS) is a sales and company management system. The system includes features such as customer management, product management and tax management. A cross-site request forgery vulnerability exists in the member/memberemail.php?action=edit URI in SCMS 2018-06-06 and...
arcms unauthorized access vulnerability
arcms is a content management system based on layui and arphp. A security vulnerability exists in arcms 2018-03-19 and earlier versions, which stems from the program failing to authenticate index/main, user/useradd, or img/images. An attacker can exploit the vulnerability to gain unauthorized...
OwnTicket SQL Injection Vulnerability
OwnTicket is a workflow management system. A SQL injection vulnerability exists in OwnTicket version 2018-05-23. A remote attacker can exploit the vulnerability to execute arbitrary SQL commands with the help of 'showTicketId' or 'editTicketStatusId' parameters...
Lone Wolf Technologies loadingDOCS Arbitrary File Download Vulnerability
Lone Wolf Technologies loadingDOCS is a real estate document management plug-in. An arbitrary file download vulnerability exists in the 2018-08-13 version of Lone Wolf Technologies loadingDOCS, which can be exploited by a remote attacker to download arbitrary sensitive files by sending HTTPS...