5313 matches found
CVE-2025-13406 Scanning for higher HART revision device leads into NULL pointer dereference in live list
NULL Pointer Dereference vulnerability in Softing Industrial Automation GmbH smartLink SW-HT Webserver modules allows HTTP DoS.This issue affects smartLink SW-HT: 1.43...
CVE-2025-13406
Softing Industrial Automation GmbH smartLink SW-HT (Webserver modules) is affected by a NULL Pointer Dereference in the webserver handling HTTP requests, causing HTTP DoS for smartLink SW-HT 1.43. Root cause: null pointer dereference in the webserver module. Impact: denial of service affecting av...
CVE-2025-13406 Scanning for higher HART revision device leads into NULL pointer dereference in live list
NULL Pointer Dereference vulnerability in Softing Industrial Automation GmbH smartLink SW-HT Webserver modules allows HTTP DoS.This issue affects smartLink SW-HT: 1.43...
CVE-2026-29516
Buffalo TeraStation NAS TS5400R firmware version 4.02-0.06 and prior contain an excessive file permissions vulnerability that allows authenticated attackers to read the /etc/shadow file by uploading and executing a PHP file through the webserver. Attackers can exploit world-readable permissions o...
EUVD-2025-208727
Heap-based buffer overflow vulnerability in Softing Industrial Automation GmbH smartLink SW-PN and smartLink SW-HT Webserver modules allows overflow buffers.This issue affects: smartLink SW-PN: through 1.03 smartLink SW-HT: through 1.42...
CVE-2025-10461
Global file reads caused by improper URL checks in webserver in Softing Industrial Automation GmbH smartLinks on docker filesystem modules allows file access. This issue affects smartLink SW-HT: through 1.42 smartLink SW-PN: through 1.03...
CVE-2025-10685
Heap-based buffer overflow vulnerability in Softing Industrial Automation GmbH smartLink SW-PN and smartLink SW-HT Webserver modules allows overflow buffers.This issue affects: smartLink SW-PN: through 1.03 smartLink SW-HT: through 1.42...
CVE-2025-10461 Global file reads caused by improper URL checks in webserver
Global file reads caused by improper URL checks in webserver in Softing Industrial Automation GmbH smartLinks on docker filesystem modules allows file access. This issue affects smartLink SW-HT: through 1.42 smartLink SW-PN: through 1.03...
CVE-2025-10461
The CVE-2025-10461 affects Softing Industrial Automation GmbH smartLinks running in Docker (filesystem modules), where improper URL checks enable global file reads. Affected versions: smartLink SW-HT up to 1.42 and smartLink SW-PN up to 1.03. Root cause is insufficient URL validation allowing acc...
CVE-2025-10685 HTTP POST with specific higher content length leads into heap corruption
Heap-based buffer overflow vulnerability in Softing Industrial Automation GmbH smartLink SW-PN and smartLink SW-HT Webserver modules allows overflow buffers.This issue affects: smartLink SW-PN: through 1.03 smartLink SW-HT: through 1.42...
CVE-2025-10685 HTTP POST with specific higher content length leads into heap corruption
Heap-based buffer overflow vulnerability in Softing Industrial Automation GmbH smartLink SW-PN and smartLink SW-HT Webserver modules allows overflow buffers.This issue affects: smartLink SW-PN: through 1.03 smartLink SW-HT: through 1.42...
PT-2026-25863
Name of the Vulnerable Software and Affected Versions Romeo versions prior to 0.2.2 Description Romeo, a Go code coverage tool, contains a path traversal flaw in the sanitizeArchivePath function located in webserver/api/v1/decoder.go lines 80-88. This is due to a missing trailing path separator i...
Softing smartLink SW-HT和Softing smartLink SW-PN 安全漏洞
Softing smartLink SW-HT and Softing smartLink SW-PN are both products of Softing Corporation. Softing smartLink SW-HT is a HART multiplexer that allows for easy and quick access to HART field devices without the need for additional hardware. Softing smartLink SW-PN is an industrial communication...
Softing smartLink SW-HT和Softing smartLink SW-PN 安全漏洞
Softing smartLink SW-HT and Softing smartLink SW-PN are both products of Softing Corporation. Softing smartLink SW-HT is a HART multiplexer that allows for easy and quick access to HART field devices without the need for additional hardware. Softing smartLink SW-PN is an industrial communication...
PT-2026-25711
Heap-based buffer overflow vulnerability in Softing Industrial Automation GmbH smartLink SW-PN and smartLink SW-HT Webserver modules allows overflow buffers.This issue affects: smartLink SW-PN: through 1.03 smartLink SW-HT: through 1.42...
PT-2026-25798
Name of the Vulnerable Software and Affected Versions Buffalo TeraStation NAS TS5400R versions 4.02-0.06 and earlier Description An excessive file permissions issue exists in Buffalo TeraStation NAS TS5400R. Authenticated attackers can read the /etc/shadow file by uploading and executing a PHP fi...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization in the file replace API. An attacker can delete files belonging to other users by abusing insufficient authorization checks on the deleteNewFile flag. Note: This is only exploitable if the attacker has permission...
CVE-2026-28352
Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. In versions prior to 3.3.11, the API endpoint used to manage event series is missing an access check, allowing unauthenticated/unauthorized access to this endpoint. The impact of this ...
CVE-2026-28352
Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. In versions prior to 3.3.11, the API endpoint used to manage event series is missing an access check, allowing unauthenticated/unauthorized access to this endpoint. The impact of this ...
EUVD-2026-9071
Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. In versions prior to 3.3.11, the API endpoint used to manage event series is missing an access check, allowing unauthenticated/unauthorized access to this endpoint. The impact of this ...