16821 matches found
Improper Authentication
Overview Affected versions of this package are vulnerable to Improper Authentication via the Manager web UI endpoints /api/v1/jobs and /preheats. An attacker can gain unauthorized access to create, delete, or modify jobs, and initiate preheat jobs by sending unauthenticated requests to these...
Improper Authentication
Overview Affected versions of this package are vulnerable to Improper Authentication via the Manager web UI endpoints /api/v1/jobs and /preheats. An attacker can gain unauthorized access to create, delete, or modify jobs, and initiate preheat jobs by sending unauthenticated requests to these...
Improper Authentication
Overview Affected versions of this package are vulnerable to Improper Authentication via the Manager web UI endpoints /api/v1/jobs and /preheats. An attacker can gain unauthorized access to create, delete, or modify jobs, and initiate preheat jobs by sending unauthenticated requests to these...
Improper Authentication
Overview Affected versions of this package are vulnerable to Improper Authentication via the Manager web UI endpoints /api/v1/jobs and /preheats. An attacker can gain unauthorized access to create, delete, or modify jobs, and initiate preheat jobs by sending unauthenticated requests to these...
Dragonfly 安全漏洞
Dragonfly is an open source framework from DragonflyDB that allows dynamic processing of any content type. A security vulnerability exists in Dragonfly versions prior to 2.1.0 that stems from a gRPC API and HTTP API that allows a peer node to send a request to force a receiving node to create a...
PT-2025-38257
Name of the Vulnerable Software and Affected Versions: network access control services affected versions not specified Description: A vulnerability exists in the web-based management interface that could allow a remote attacker to conduct a Reflected Cross-Site Scripting XSS attack. Successful...
CVE-2025-37128
A vulnerability in the web API of HPE Aruba Networking EdgeConnect SD-WAN Gateways could allow an authenticated remote attacker to terminate arbitrary running processes. Successful exploitation could allow an attacker to disrupt system operations, potentially resulting in an unstable system state...
CVE-2025-37128 Authenticated Arbitrary Process Termination allows potential System Disruption in ECOS
A vulnerability in the web API of HPE Aruba Networking EdgeConnect SD-WAN Gateways could allow an authenticated remote attacker to terminate arbitrary running processes. Successful exploitation could allow an attacker to disrupt system operations, potentially resulting in an unstable system state...
CVE-2025-37128 Authenticated Arbitrary Process Termination allows potential System Disruption in ECOS
A vulnerability in the web API of HPE Aruba Networking EdgeConnect SD-WAN Gateways could allow an authenticated remote attacker to terminate arbitrary running processes. Successful exploitation could allow an attacker to disrupt system operations, potentially resulting in an unstable system state...
CVE-2025-26711
There is an unauthorized access vulnerability in ZTE T5400. Due to improper permission control of the Web module interface, an unauthorized attacker can obtain sensitive information through the interface...
PT-2025-38088
Name of the Vulnerable Software and Affected Versions: HPE Aruba Networking EdgeConnect SD-WAN Gateways affected versions not specified Description: A vulnerability in the web API of HPE Aruba Networking EdgeConnect SD-WAN Gateways could allow an authenticated remote attacker to terminate arbitra...
Wavlink WL-WN578W2 sub_404850 function OS Command Injection Vulnerability
The Wavlink WL-WN578W2 is a wireless repeater from China's Wavlink. An operating system command injection vulnerability exists in Wavlink WL-WN578W2 version 221110, which originates from the parameter deletelist in the function sub404850 in the file /cgi-bin/wireless.cgi that fails to correctly...
CVE
It is an information repository for CVE details, providing a col...
Dell Data Domain Operating System Web Interface Detection
Binary data delldatadomainoperatingsystemwebinterfacedetect.nbin...
CVE-2025-10401
CVE-2025-10401 concerns the D-Link DIR-823x family (firmware up to 250416). The vulnerability exists in the diag_ping handling (file path /goform/diag_ping) where manipulation of the target_addr argument enables arbitrary command execution via a command-injection flaw. It is a remote exploit with...
CVE-2025-10364
The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. This device exposes a web management interface on port 80. This web management interface can be used by administrators to control product features, setup network switching, and register license among...
CVE-2025-10365
The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. This device exposes a web management interface on port 80. This web management interface can be used by administrators to control product features, setup network switching, and register license among...
CVE-2025-10364 Unauthenticated Arbitrary Command Injection in Evertz SDVN
The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. This device exposes a web management interface on port 80. This web management interface can be used by administrators to control product features, setup network switching, and register license among...
CVE-2025-10364 Unauthenticated Arbitrary Command Injection in Evertz SDVN
The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. This device exposes a web management interface on port 80. This web management interface can be used by administrators to control product features, setup network switching, and register license among...
CVE-2025-10364
CVE-2025-10364 affects the Evertz SDVN 3080ipx-10G web management interface. The issue is a command-injection vulnerability in feature-transfer-export.php that allows remote unauthenticated arbitrary code execution with root privileges. The connected sources confirm the vulnerability is tied to t...