1697 matches found

RedhatCVE
added 2025/05/22 10:33 a.m. · 8 views

CVE-2019-3017

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

CVSS 8.2 · AI score 6.8 · EPSS 0.00884
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 9:17 a.m. · 2 views

CVE-2019-8194

Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure...

CVSS 7.5 · AI score 6.1 · EPSS 0.02893
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 7:54 a.m. · 6 views

CVE-2019-5081

An exploitable heap buffer overflow vulnerability exists in the iocheckd service 'I/O-Chec' functionality of WAGO PFC 200 Firmware version 03.01.0713 and 03.00.3912, and WAGO PFC100 Firmware version 03.00.3912. A specially crafted set of packets can cause a heap buffer overflow, potentially...

CVSS 10 · AI score 7.8 · EPSS 0.04521
Exploits: 1 · References: 1

RedhatCVE
added 2025/05/22 7:23 a.m. · 12 views

CVE-2018-7935

There is a vulnerability in 21.328.01.00.00 version of the E5573Cs-322. Remote attackers could exploit this vulnerability to make the network where the E5573Cs-322 is running temporarily unavailable...

CVSS 5.3 · AI score 6.9 · EPSS 0.01094
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 5:11 a.m. · 4 views

CVE-2019-5218

There is an insufficient authentication vulnerability in Huawei Band 2 and Honor Band 3. The band does not sufficiently authenticate the device trying to connect to it in certain scenarios. A successful exploit could allow the attacker to spoof and then connect to the band...

CVSS 8.8 · AI score 7 · EPSS 0.00392
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 1:26 a.m. · 10 views

CVE-2010-1517

The GIGABYTE Dldrv2 ActiveX control 1.4.206.11 allows remote attackers to (1) download arbitrary programs onto a client system, and execute these programs, via vectors involving the dl method; and (2) download arbitrary programs onto a client system via vectors involving the SetDLInfo method in...

CVSS 10 · AI score 7.3 · EPSS 0.01839
Exploits: 0 · References: 1

Cisco
added 2025/05/21 4:00 p.m. · 11 views

Cisco Unified Communications Products Privilege Escalation Vulnerability

A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to excessive permissions that have been assigned to system commands. An attack...

CVSS 5.1 · AI score 7.3 · EPSS 0.00123
Exploits: 0 · References: 1

Positive Technologies
added 2025/05/17 12:00 a.m. · 4 views

PT-2025-21766 · Imagination Technologies · Graphics Ddk

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to read and/or write data outside the Guest's virtualised GPU memory. Recommendations:...

CVSS 6.5 · AI score 6 · EPSS 0.00214
Exploits: 0 · References: 5

CVE
added 2025/05/16 3:45 p.m. · 21 views

CVE-2025-31071

CVE-2025-31071 affects HotStar – Multi-Purpose Business Theme (themeton) up to version 1.4. The issue is a Missing Authorization vulnerability that allows exploitation of incorrectly configured access control. CVSSv3.1 base score is 5.3 (NETWORK, LOW attack complexity, PRIVILEGES REQUIRED: NONE, ...

CVSS 5.3 · AI score 6.7 · EPSS 0.00265
Exploits: 0 · References: 1

Cvelist
added 2025/05/16 7:31 a.m. · 32 views

CVE-2025-4756 D-Link DI-7003GV2 restart.asp denial of service

A vulnerability was found in D-Link DI-7003GV2 24.04.18D1 R68125. It has been declared as problematic. This vulnerability affects unknown code of the file /H5/restart.asp. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the publ...

CVSS 6.9 · EPSS 0.01291
Exploits: 1 · References: 5

CNVD
added 2025/05/14 12:00 a.m. · 1 views

Art Gallery Management System /admin/add-art-medium.php File SQL Injection Vulnerability

Art Gallery Management System is an art gallery management system. Art Gallery Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter artmed in the file /admin/add-art-medium.php. An attacker c...

CVSS 9.8 · AI score 8.3 · EPSS 0.00478
Exploits: 1 · References: 1

Positive Technologies
added 2025/05/13 12:00 a.m. · 4 views

PT-2025-20873 · Siemens · Scalance Lpe9403

Name of the Vulnerable Software and Affected Versions: SCALANCE LPE9403 6GK5998-3GS00-2AC2 All versions Description: A flaw has been identified in the handling of multiple incoming Profinet packets received in rapid succession. An unauthenticated remote attacker can exploit this issue by sending...

CVSS 5.3 · AI score 6.2 · EPSS 0.00228
Exploits: 0 · References: 5

CNVD
added 2025/05/13 12:00 a.m. · 3 views

Huawei HarmonyOS Permission Issues Vulnerability

Huawei HarmonyOS is an operating system from the Chinese company Huawei. Huawei HarmonyOS suffers from a privilege issue vulnerability that stems from an improper implementation of the file system module's authentication logic, which can be exploited by an attacker to steal sensitive information ...

CVSS 7.8 · AI score 6.2 · EPSS 0.00121
Exploits: 0 · References: 1

Positive Technologies
added 2025/05/11 12:00 a.m. · 5 views

PT-2025-20654 · Shanghai Bairui Information Technology · Sunloginclient

Name of the Vulnerable Software and Affected Versions: Shanghai Bairui Information Technology SunloginClient version 15.8.3.19819 Description: A critical vulnerability has been found in the library process.dll of the file sunlogin guard.exe, affecting an unknown part. The manipulation leads to an...

CVSS 7.3 · AI score 6.8 · EPSS 0.00159
Exploits: 0 · References: 12

CNVD
added 2025/05/07 12:00 a.m. · 8 views

Tenda AC9 /goform/WifiBasicSet Interface Buffer Overflow Vulnerability

Tenda AC9 is a wireless router from Tenda, a Chinese company. A buffer overflow vulnerability exists in Tenda AC9 version V15.03.05.14multi, which originates from the /goform/WifiBasicSet security parameter that fails to properly validate the length of the input data, and can be exploited by a...

CVSS 9.8 · AI score 8.3 · EPSS 0.00717
Exploits: 1 · References: 1

CNVD
added 2025/05/07 12:00 a.m. · 1 views

COVID19 Testing Management System password-recovery.php File SQL Injection Vulnerability

The COVID19 Testing Management System is a COVID-19 testing management system. COVID19 Testing Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter contactno in the file...

CVSS 9.8 · AI score 7.8 · EPSS 0.00412
Exploits: 1 · References: 1

NVD
added 2025/05/06 6:15 p.m. · 26 views

CVE-2025-46815

The identity infrastructure software ZITADEL offers developers the ability to manage user sessions using the Session API. This API enables the use of IdPs for authentication, known as idp intents. Following a successful idp intent, the client receives an id and token on a predefined URI. These id...

CVSS 8 · EPSS 0.00388
Exploits: 0 · References: 5

Positive Technologies
added 2025/05/06 12:00 a.m. · 5 views

PT-2025-19829 · Unknown · Itsourcecode Content Management System

Name of the Vulnerable Software and Affected Versions: itsourcecode Content Management System version 1.0 Description: A critical issue has been discovered, affecting a part of the /admin/add topic.php?category=BBS file. The manipulation of the Cover Image argument leads to unrestricted upload...

CVSS 6.3 · AI score 4.6 · EPSS 0.00281
Exploits: 1 · References: 10

BDU FSTEC
added 2025/05/05 12:00 a.m. · 5 views

The vulnerability of Juniper Networks’ Junos routers of the SRX series, which allows an attacker to cause a service failure.

The vulnerability of Juniper Networks’ Junos router series SRX devices, specifically those related to flow processing on operating systems, is related to the swapping of zero pointers. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

CVSS 7.8 · AI score 5.5 · EPSS 0.00341
Exploits: 0 · References: 2 · Affected Software: 1

BDU FSTEC
added 2025/05/02 12:00 a.m. · 5 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab EE/CE lies in its unlimited resource distribution, which allows attackers to trigger service interruptions.

The vulnerability of the Git-based software platform for collaborative code development in GitLab EE/CE relates to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures...

CVSS 6.8 · AI score 5.5 · EPSS 0.00333
Exploits: 0 · References: 2 · Affected Software: 1