
44 matches found

CNVD
added 2026/04/15 12:0 a.m. | 1 views

Schneider Electric PowerChute Serial Shutdown CRLF Injection Vulnerability

Schneider Electric PowerChute Serial Shutdown is a UPS management, normal shutdown and energy management software from Schneider Electric France. Schneider Electric PowerChute Serial Shutdown suffers from a CRLF injection vulnerability that stems from improper CRLF sequence neutralization, which...

CVSS 5.3 | AI score 5.5 | EPSS 0.00058
Exploits: 0

CNVD
added 2026/04/15 12:0 a.m. | 2 views

Schneider Electric PowerChute Serial Shutdown Log Message Disclosure Vulnerability

Schneider Electric PowerChute Serial Shutdown is a UPS management, normal shutdown and energy management software from Schneider Electric France. Schneider Electric PowerChute Serial Shutdown suffers from a log information disclosure vulnerability that can be exploited by an attacker to cause a W...

CVSS 5 | AI score 5.3 | EPSS 0.00015
Exploits: 0

EUVD
added 2026/04/14 6:30 p.m. | 1 views

EUVD-2026-22286

CWE-532 Insertion of Sensitive Information into Log File vulnerability exists that could cause confidential information to be exposed when a Web Admin user executes a malicious file provided by an attacker...

CVSS 2.4 | AI score 5.8 | EPSS 0.00015
Exploits: 0 | References: 2

EUVD
added 2026/04/14 6:30 p.m. | 2 views

EUVD-2026-22290

CWE-1284 Improper Validation of Specified Quantity in Input vulnerability exists that could cause Event and Data Log truncation impacting log integrity when a Web Admin user alters the POST /logsettings request payload...

CVSS 5.3 | AI score 5.8 | EPSS 0.00059
Exploits: 0 | References: 2

NVD
added 2026/04/14 4:16 p.m. | 0 views

CVE-2026-2401

CWE-532 Insertion of Sensitive Information into Log File vulnerability exists that could cause confidential information to be exposed when a Web Admin user executes a malicious file provided by an attacker...

CVSS 5 | EPSS 0.00015
Exploits: 0 | References: 1

Cvelist
added 2026/04/14 3:24 p.m. | 21 views

CVE-2026-2401

CWE-532 Insertion of Sensitive Information into Log File vulnerability exists that could cause confidential information to be exposed when a Web Admin user executes a malicious file provided by an attacker...

CVSS 2.4 | EPSS 0.00015
Exploits: 0 | References: 1

CVE
added 2026/04/14 3:24 p.m. | 8 views

CVE-2026-2401

Technical details for CVE-2026-2401 are not publicly available in the provided documents; monitor for updates.

CVSS 5 | AI score 5.8 | EPSS 0.00015
Exploits: 0 | References: 1 | Affected Software: 1

Vulnrichment
added 2026/04/14 3:24 p.m. | 1 views

CVE-2026-2401

CWE-532 Insertion of Sensitive Information into Log File vulnerability exists that could cause confidential information to be exposed when a Web Admin user executes a malicious file provided by an attacker...

CVSS 2.4 | AI score 5.8 | EPSS 0.00015
Exploits: 0 | References: 1

Vulnrichment
added 2026/04/14 3:19 p.m. | 1 views

CVE-2026-2405

CWE-400 Uncontrolled Resource Consumption vulnerability exists that could cause excessive troubleshooting zip file creation and denial of service when a Web Admin user floods the system with POST /helpabout requests...

CVSS 5.3 | AI score 5.8 | EPSS 0.00054
Exploits: 0 | References: 1

CVE
added 2026/04/14 3:9 p.m. | 10 views

CVE-2026-2399

CVE-2026-2399 describes a Path Traversal flaw (CWE-22) that can cause critical files to be overwritten with text data when a Web Admin user alters the POST /REST/upssleep payload. The vulnerability arises from improper limitation of a pathname to a restricted directory. Impact per the provided me...

CVSS 6.9 | AI score 5.8 | EPSS 0.0003
Exploits: 0 | References: 1 | Affected Software: 1

Positive Technologies
added 2026/04/14 12:0 a.m. | 4 views

PT-2026-32671

CWE-22 Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could cause critical files overwritten with text data when a Web Admin user alters the POST /REST/upssleep request payload...

CVSS 6.9 | AI score 5.8 | EPSS 0.0003
Exploits: 0 | References: 4

NVD
added 2025/12/02 6:15 p.m. | 2 views

CVE-2025-60854

A vulnerability has been found in D-Link R15 AX1500 1.20.01 and below. By manipulating the model name parameter during a password change request in the web administrator page, it is possible to trigger a command injection in httpd...

CVSS 9.8 | EPSS 0.00153
Exploits: 0 | References: 1

OSV
added 2025/12/02 6:15 p.m. | 2 views

CVE-2025-60854

A vulnerability has been found in D-Link R15 AX1500 1.20.01 and below. By manipulating the model name parameter during a password change request in the web administrator page, it is possible to trigger a command injection in httpd...

CVSS 9.8 | AI score 5.7 | EPSS 0.00153
Exploits: 0 | References: 1

Cvelist
added 2025/12/02 12:0 a.m. | 5 views

CVE-2025-60854

A vulnerability has been found in D-Link R15 AX1500 1.20.01 and below. By manipulating the model name parameter during a password change request in the web administrator page, it is possible to trigger a command injection in httpd...

EPSS 0.00153
Exploits: 0 | References: 1

Vulnrichment
added 2025/11/12 1:19 p.m. | 5 views

CVE-2025-11565

CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could cause elevated system access when a Web Admin user on the local network tampers with the POST /REST/UpdateJRE request payload...

CVSS 7.3 | AI score 6.1 | EPSS 0.00026
Exploits: 0 | References: 1

OSV
added 2022/05/05 6:15 p.m. | 1 views

CVE-2021-25267

Multiple XSS vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 19.0 GA...

CVSS 8.4 | AI score 5.8 | EPSS 0.00246
Exploits: 0 | References: 1

CNVD
added 2019/12/31 12:0 a.m. | 2 views

SonicOS Elevation of Privilege Vulnerability

SonicWall SonicOS is a set of operating systems designed for SonicWall firewall appliances from SonicWall, Inc. An authorization issue vulnerability exists in SonicWall SonicOS. The vulnerability stems from a lack of authentication measures or insufficient authentication strength in a network...

CVSS 7.2 | AI score 7.2 | EPSS 0.00232
Exploits: 0 | References: 1

CNVD
added 2019/11/14 12:0 a.m. | 2 views

Juniper Networks Junos OS Authorization Issues Vulnerability (CNVD-2019-41474)

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. An authorization issue vulnerability exists in Juniper Networks Junos OS. The vulnerability stems from a lack of...

CVSS 8.8 | AI score 7.1 | EPSS 0.00357
Exploits: 0 | References: 1

CNVD
added 2019/05/27 12:0 a.m. | 2 views

Open-Xchange OX App Suite Access Control Error Vulnerability (CNVD-2019-15677)

Open-Xchange OX App Suite is a set of Web-based cloud desktop environments from Open-Xchange USA. The environment allows users to manage email, tasks, files, etc. more intuitively. An Access Control Error vulnerability exists in Open-Xchange OX App Suite 7.8.3 and prior versions. The vulnerabilit...

CVSS 8.8 | AI score 6.9 | EPSS 0.00434
Exploits: 0 | References: 1

CNVD
added 2019/05/17 12:0 a.m. | 4 views

Microsoft Edge Permission License and Access Control Issues Vulnerability

Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. A vulnerability exists in Microsoft Edge for privilege permission and access control issues. The vulnerability stems from a lack of effective privilege-granting and access-control measure...

CVSS 9 | AI score 6.7 | EPSS 0.01122
Exploits: 0 | References: 1