EUVD-2026-15402

From Panorama Web HMI, an attacker can gain read access to certain Web HMI server files, if he knows their paths and if these files are accessible to the Servin process execution account. Installations based on Panorama Suite 2022-SP1 22.50.005 are vulnerable unless update PS-2210-02-4079 or high...

Microsoft SQL Server 访问控制错误漏洞

Microsoft SQL Server is a large-scale commercial database system developed by Microsoft Corporation, used under the Microsoft Windows operating system. There is an access control vulnerability in Microsoft SQL Server. Attackers can exploit this vulnerability to gain higher privileges. The followi...

PT-2026-7829

An unauthenticated attacker can exploit this vulnerability by manipulating URL to achieve arbitrary file read access.This issue affects Valmet DNA Web Tools: C2022 and older...

Microsoft SQL Server SQL注入漏洞

Microsoft SQL Server is a large commercial database system from Microsoft Corporation USA that is applied under the Microsoft Windows system. A SQL injection vulnerability exists in Microsoft SQL Server. An attacker can exploit the vulnerability to elevate privileges. The following products and...

EUVD-2022-28575

Malicious code in bioql PyPI...

Microsoft SQL Server SQL注入漏洞

Microsoft SQL Server is a large commercial database system from Microsoft Corporation USA that is applied under the Microsoft Windows system. A SQL injection vulnerability exists in Microsoft SQL Server. An attacker can exploit the vulnerability to elevate privileges. The following products and...

Security Advisory July 2025 for Ivanti EPM 2024 SU2 and EPM 2022 SU8

Security Advisory Ivanti EPM 2022 SU8 and EPM 2024 SU2 Multiple CVEs Summary Ivanti has released updates for Ivanti Endpoint Manager EPM which addresses three high severity vulnerabilities. The Security vulnerability affects the Core, Remote Consoles and Windows agents. We are not aware of any...

CVE-2023-24821

RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in a large out of bounds write beyond the packet buffer. The write wil...

CVE-2022-30552

Das U-Boot 2022.01 has a Buffer Overflow...

Dassault Systèmes ENOVIA Collaborative Industry Innovator 安全漏洞

Dassault Systèmes ENOVIA Collaborative Industry Innovator is an essential toolset for real-time, secure and structured collaboration and product content management for an engineering team at Dassault Systèmes France. A security vulnerability exists in Dassault Systèmes ENOVIA Collaborative Indust...

Microsoft DWM Core Library 安全漏洞

Microsoft DWM Core Library is a core library for Microsoft windows from Microsoft Corporation, USA. A security vulnerability exists in the Microsoft DWM Core Library. The following products and editions are affected:Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based...

Revenera InstallShield 安全漏洞

Revenera InstallShield Flexera InstallShield is a development package from Revenera Inc. for building Windows installers and MSIX packages. A security vulnerability exists in Revenera InstallShield version 2022 R2 and version 2021 R2, which stems from a DLL hijacking triggered by improperly...

Microsoft System Center Operations Manager 访问控制错误漏洞

Microsoft System Center Operations Manager is a large-scale monitoring and management software for corporate environments from Microsoft USA. The software, formerly known as MOM Microsoft Operations Manager, is primarily used to monitor IT systems and provide monitoring support for distributed...

Microsoft Windows Secure Boot Security Vulnerability

Microsoft Windows Secure Boot is a secure boot from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Secure Boot. An attacker exploiting this vulnerability could bypass certain features. The following products and editions are affected:Windows 10 Version 1809 for...

CVE-2024-37294 Aimeos denial of service vulnerability in SaaS and marketplace setups

Aimeos is an Open Source e-commerce framework for online shops. All SaaS and marketplace setups using Aimeos version from 2022/2023/2024 are affected by a potential denial of service attack. Users should upgrade to versions 2022.10.17, 2023.10.17, or 2024.04 of the aimeos/aimeos-core package to...

PT-2024-6301 · Ivanti · Ivanti Epm

Name of the Vulnerable Software and Affected Versions: Ivanti EPM versions before 2022 SU6 Ivanti EPM versions before the 2024 September update Description: The issue is related to an unspecified SQL injection in Ivanti EPM, which allows a remote authenticated attacker with admin privileges to...

Ivanti EPM SQL注入漏洞

Ivanti EPM is a one-stop shop for managing user profiles and all client devices from Ivanti USA. An SQL injection vulnerability exists in Ivanti EPM 2022 SU5 and prior versions, which can be exploited by an attacker to execute arbitrary code...

Aimeos denial of service vulnerability in SaaS and marketplace setups

All SaaS and marketplace setups using Aimeos version from 2022/2023/2024 are affected by a potential denial of service attack...

CVE-2024-2495

Cryptographic key vulnerability encoded in the FriendlyWrt firmware affecting version 2022-11-16.51b3d35. This vulnerability could allow an attacker to compromise the confidentiality and integrity of encrypted data...

CVE-2024-2495

Cryptographic key vulnerability encoded in the FriendlyWrt firmware affecting version 2022-11-16.51b3d35. This vulnerability could allow an attacker to compromise the confidentiality and integrity of encrypted data...