5 matches found
CVE-2025-0188
A Server-Side Request Forgery SSRF vulnerability was discovered in gaizhenbiao/chuanhuchatgpt version 20240914. The vulnerability allows an attacker to construct a response link by saving the response in a folder named after the SHA-1 hash of the target URL. This enables the attacker to access th...
mySCADA myPRO Manager
RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands or disclose sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such...
CVE-2021-28589 Adobe Media Encoder TS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
Adobe Media Encoder version 15.2 and earlier is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue...
ImageMagick integer overflow vulnerability (CNVD-2021-10261)
ImageMagick is a software for creating, editing, and composing images that can read, convert, and write images in many formats. An integer overflow vulnerability exists in MagickCore/statistic.c in versions of ImageMagick prior to 7.0.9-0. An attacker can exploit this vulnerability by submitting ...
Baxter Phoenix Hemodialysis Delivery System (Update A)
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Baxter Equipment: Phoenix Hemodialysis Delivery System Vulnerability: Cleartext Transmission of Sensitive Information 2. UPDATE INFORMATION This updated advisory is a follow-up to the original...