33 matches found
SUSE-SU-2026:20535-1 Security update for cups
This update for cups fixes the following issues: Update to version 2.4.16. Security issues fixed: - CVE-2025-58436: single client sending slow messages to cupsd can delay the application and make it unusable for other clients bsc1244057. - CVE-2025-58060: authentication bypass with AuthType...
PT-2026-21676
Name of the Vulnerable Software and Affected Versions RTU500 affected versions not specified Description An unprivileged user can read user management information through the RTU500 web interface. Accessing this information requires tools like browser development utilities and does not occur...
SUSE-SU-2026:20229-1 Security update for cups
This update for cups fixes the following issues: Update to version 2.4.16. Security issues fixed: - CVE-2025-61915: local denial-of-service via cupsd.conf update and related issues bsc1253783. - CVE-2025-58436: slow client communication leads to a possible DoS attack bsc1244057. - CVE-2025-58364:...
CVE-2019-20500
D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Save Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=configsave configBackup or downloadServerip parameter...
EUVD-2018-2767
Malware in sbrugna...
EUVD-2015-3111
Malware in sbrugna...
EUVD-2007-1420
Malware in sbrugna...
EUVD-2014-2187
Malware in sbrugna...
EUVD-2005-3040
Malware in sbrugna...
EUVD-2025-10327
Malicious code in bioql PyPI...
EUVD-2022-52270
Malicious code in bioql PyPI...
EUVD-2024-36335
Malicious code in bioql PyPI...
CVE-2025-34079
An authenticated remote code execution vulnerability exists in NSClient++ version 0.5.2.35 when the web interface and ExternalScripts module are enabled. A remote attacker with the administrator password can authenticate to the web interface default port 8443, inject arbitrary commands as externa...
PT-2025-27534 · Avtech · Avtech Dvr +2
Name of the Vulnerable Software and Affected Versions: AVTECH IP camera, DVR, and NVR devices affected versions not specified Description: A cross-site request forgery CSRF issue exists in the web interface of the devices. An attacker can craft malicious requests that, when executed in the contex...
CVE-2024-12896
A vulnerability was found in Intelbras VIP S3020 G2, VIP S4020 G2, VIP S4020 G3 and VIP S4320 G2 up to 20241222 and classified as problematic. Affected by this issue is some unknown functionality of the file /webcaps/webCapsConfig of the component Web Interface. The manipulation leads to...
CVE-2024-13130
A vulnerability was found in Dahua IPC-HFW1200S, IPC-HFW2300R-Z, IPC-HFW5220E-Z and IPC-HDW1200S up to 20241222. It has been rated as problematic. Affected by this issue is some unknown functionality of the file ../mtd/Config/Sha1Account1 of the component Web Interface. The manipulation leads to...
CVE-2023-24584
Controller 6000 is vulnerable to a buffer overflow via the Controller diagnostic web interface upload feature. This issue affects Controller 6000: before vCR8.80.230201a, before vCR8.70.230201a, before vCR8.60.230201b, before vCR8.50.230201a, all versions of vCR8.40 and prior...
CVE-2023-51738
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Network Name SSID parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter at the web...
CVE-2020-25759
An issue was discovered on D-Link DSR-250 3.17 devices. Certain functionality in the Unified Services Router web interface could allow an authenticated attacker to execute arbitrary commands, due to a lack of validation of inputs provided in multipart HTTP POST requests...
CVE-2019-19284
A vulnerability has been identified in XHQ All Versions 6.1. The web interface could allow Cross-Site Scripting XSS attacks if an attacker is able to modify content of particular web pages, causing the application to behave in unexpected ways for legitimate users...