16821 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-10026
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ikiwiki 3.20161219 does not properly check if a revision changes the access permissions for a page on sites with the git and recentchanges plugins and the CGI...
CVE-2010-20113
EasyFTP Server 1.7.0.11 and earlier contains a stack-based buffer overflow vulnerability in its HTTP interface. When processing a GET request to list.html, the server fails to properly validate the length of the path parameter. Supplying an excessively long value causes a buffer overflow on the...
CVE-2022-31491
Voltronic Power ViewPower through 1.04-24215, ViewPower Pro through 2.0-22165, and PowerShield Netguard before 1.04-23292 allows a remote attacker to run arbitrary code via an unspecified web interface related to detection of a managed UPS shutting down. An unauthenticated attacker can use this t...
CVE-2010-20059
FreeNAS 0.7.2 prior to revision 5543 includes an unauthenticated command‐execution backdoor in its web interface. The execraw.php script exposes a cmd parameter that is passed directly to the underlying shell without sanitation...
CVE-2025-20269
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, low-privileged, remote attacker to retrieve arbitrary files from the underlying file system on an affected device. This vulnerabili...
CVE-2025-9225
Stored cross-site scripting (XSS) in the web interface of MiR software versions prior to 3.0.0 on MiR Robots and MiR Fleet allows execution of arbitrary JavaScript code in a victim’s browser...
CVE-2025-41452
Danfoss AK-SM8xxA Series before 4.3.1 contains a post-authenticated external control of the system Web interface configuration, with improper handling of exceptional conditions that could cause a DoS. CVSS 6.8 (Network, high attack complexity, high impact on availability). Remediation: update to ...
CVE-2025-41452 Post auth nginx configuration injection in Danfoss AK-SM8xxA Series
Post-authenticated external control of system web interface configuration setting vulnerability in Danfoss AK-SM8xxA Series prior to 4.3.1, which could allow for a denial of service attack induced by improper handling of exceptional conditions...
CVE-2022-31491
CVE-2022-31491 affects Voltronic Power ViewPower (<= 1.04-24215), ViewPower Pro (<= 2.0-22165), and PowerShield Netguard ( 1.04-24215, ViewPower Pro > 2.0-22165, Netguard >= 1.04-23292); multiple advisories (CISA ICS, Red Hat, NVD) corroborate the vulnerability. If available, PoC/Expl...
PT-2025-34328 · Danfoss · Ak-Sm8Xxa
Name of the Vulnerable Software and Affected Versions: Danfoss AK-SM8xxA Series versions prior to 4.3.1 Description: A post-authenticated external control of system web interface configuration setting issue exists. This could allow for a denial of service attack due to improper handling of...
Voltronic Power Multiple Products Security Vulnerability
Voltronic Power ViewPower and others are products of Voltronic Power. Voltronic Power ViewPower is a monitoring and management software for solar inverters. Voltronic Power ViewPower Pro is a software for monitoring and managing uninterrupted Voltronic Power ViewPower Pro is a software program for...
Voltronic Power ViewPower and PowerShield NetGuard Security Vulnerability
Voltronic Power ViewPower is a monitoring and management software for solar inverters from Voltronic Power. PowerShield NetGuard is an uninterruptible power supply management software from PowerShield New Zealand. A security vulnerability exists in Voltronic Power ViewPower versions 1.04-21353 and...
CVE-2022-43110
CVE-2022-43110 affects Voltronic Power ViewPower up to 1.04-21353 and PowerShield Netguard up to 1.04-23292. An unauthenticated remote attacker can configure the system via an unspecified web interface, including changing the web admin password, viewing/changing system configuration, enumerating ...
CVE-2022-31491
Voltronic Power ViewPower through 1.04-24215, ViewPower Pro through 2.0-22165, and PowerShield Netguard before 1.04-23292 allows a remote attacker to run arbitrary code via an unspecified web interface related to detection of a managed UPS shutting down. An unauthenticated attacker can use this t...
CVE-2022-43110
Voltronic Power ViewPower through 1.04-21353 and PowerShield Netguard before 1.04-23292 allows a remote attacker to configure the system via an unspecified web interface. An unauthenticated remote attacker can make changes to the system including: changing the web interface admin password,...
CVE-2010-20113
EasyFTP Server 1.7.0.11 and earlier contains a stack-based buffer overflow vulnerability in its HTTP interface. When processing a GET request to list.html, the server fails to properly validate the length of the path parameter. Supplying an excessively long value causes a buffer overflow on the...
CVE-2010-20113
CVE-2010-20113 affects EasyFTP Server versions up to 1.7.0.11. A stack-based buffer overflow occurs in the HTTP interface when handling a GET to /list.html, due to improper validation of the length of the path parameter. Supplying an excessively long value can overflow the stack and potentially c...
CVE-2010-20113 EasyFTP Server list.html path Stack Buffer Overflow
EasyFTP Server 1.7.0.11 and earlier contains a stack-based buffer overflow vulnerability in its HTTP interface. When processing a GET request to list.html, the server fails to properly validate the length of the path parameter. Supplying an excessively long value causes a buffer overflow on the...
Qualitia Active! Mail Web Interface Detection
Binary data qualitiaactivemailwebdetect.nbin...