CVE-2026-4901

Hydrosystem Control System saves sensitive information into a log file. Critically, user credentials are logged allowing the attacker to obtain further authorized access into the system. Combined with vulnerability CVE-2026-34184, these sensitive information could be accessed by an unauthorized...

CVE-2024-27176

An attacker can get Remote Code Execution by overwriting files. Overwriting files is enable by falsifying session ID variable. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than...

CVE-2024-27178

CVE-2024-27178 affects Toshiba e-STUDIO multifunction printers. The vulnerability allows Remote Code Execution by overwriting files, enabled by falsifying the file name variable. The issue can be leveraged in combination with other vulnerabilities; exploitation context beyond a single vulnerabili...

CVE-2024-27176

CVE-2024-27176 affects Toshiba MFP/Toshiba Tec e-STUDIO printers. The root cause is an issue where an attacker can cause Remote Code Execution by overwriting files, enabled by falsifying a session ID variable. The vulnerability is documented as potentially exploitable in combination with other we...

CVE-2024-27173

Toshiba e-STUDIO multi-function printers are affected by CVE-2024-27173 in the Remote Command program, enabling remote code execution by overwriting Python executables. Root cause involves execution of code via uploaded/modified Python files, with impact to confidentiality, integrity, and availab...

inspircd -- authentication bypass vulnerability

Adam reports: A serious vulnerability exists in when using msasl in combination with any services that support SASL EXTERNAL. To be vulnerable you must have msasl loaded, and have services which support SASL EXTERNAL authentication...