Lucene search
K

5313 matches found

Vulnrichment
Vulnrichment
added 2026/03/17 2:32 p.m.2 views

CVE-2025-13406 Scanning for higher HART revision device leads into NULL pointer dereference in live list

NULL Pointer Dereference vulnerability in Softing Industrial Automation GmbH smartLink SW-HT Webserver modules allows HTTP DoS.This issue affects smartLink SW-HT: 1.43...

6.8CVSS5.8AI score0.00315EPSS
Exploits0References2
CVE
CVE
added 2026/03/17 2:32 p.m.8 views

CVE-2025-13406

Softing Industrial Automation GmbH smartLink SW-HT (Webserver modules) is affected by a NULL Pointer Dereference in the webserver handling HTTP requests, causing HTTP DoS for smartLink SW-HT 1.43. Root cause: null pointer dereference in the webserver module. Impact: denial of service affecting av...

6.8CVSS5.8AI score0.00315EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/17 2:32 p.m.25 views

CVE-2025-13406 Scanning for higher HART revision device leads into NULL pointer dereference in live list

NULL Pointer Dereference vulnerability in Softing Industrial Automation GmbH smartLink SW-HT Webserver modules allows HTTP DoS.This issue affects smartLink SW-HT: 1.43...

6.8CVSS0.00315EPSS
Exploits0References2
NVD
NVD
added 2026/03/16 8:16 p.m.6 views

CVE-2026-29516

Buffalo TeraStation NAS TS5400R firmware version 4.02-0.06 and prior contain an excessive file permissions vulnerability that allows authenticated attackers to read the /etc/shadow file by uploading and executing a PHP file through the webserver. Attackers can exploit world-readable permissions o...

6.9CVSS0.00513EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/16 3:30 p.m.4 views

EUVD-2025-208727

Heap-based buffer overflow vulnerability in Softing Industrial Automation GmbH smartLink SW-PN and smartLink SW-HT Webserver modules allows overflow buffers.This issue affects: smartLink SW-PN: through 1.03 smartLink SW-HT: through 1.42...

9.2CVSS6AI score0.00493EPSS
Exploits0References3
NVD
NVD
added 2026/03/16 2:17 p.m.5 views

CVE-2025-10461

Global file reads caused by improper URL checks in webserver in Softing Industrial Automation GmbH smartLinks on docker filesystem modules allows file access. This issue affects smartLink SW-HT: through 1.42 smartLink SW-PN: through 1.03...

5.3CVSS0.00369EPSS
Exploits0References2
NVD
NVD
added 2026/03/16 2:17 p.m.3 views

CVE-2025-10685

Heap-based buffer overflow vulnerability in Softing Industrial Automation GmbH smartLink SW-PN and smartLink SW-HT Webserver modules allows overflow buffers.This issue affects: smartLink SW-PN: through 1.03 smartLink SW-HT: through 1.42...

9.2CVSS0.00493EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/16 1:27 p.m.3 views

CVE-2025-10461 Global file reads caused by improper URL checks in webserver

Global file reads caused by improper URL checks in webserver in Softing Industrial Automation GmbH smartLinks on docker filesystem modules allows file access. This issue affects smartLink SW-HT: through 1.42 smartLink SW-PN: through 1.03...

5.3CVSS5.8AI score0.00369EPSS
Exploits0References2
CVE
CVE
added 2026/03/16 1:27 p.m.21 views

CVE-2025-10461

The CVE-2025-10461 affects Softing Industrial Automation GmbH smartLinks running in Docker (filesystem modules), where improper URL checks enable global file reads. Affected versions: smartLink SW-HT up to 1.42 and smartLink SW-PN up to 1.03. Root cause is insufficient URL validation allowing acc...

5.3CVSS5.8AI score0.00369EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/16 1:14 p.m.3 views

CVE-2025-10685 HTTP POST with specific higher content length leads into heap corruption

Heap-based buffer overflow vulnerability in Softing Industrial Automation GmbH smartLink SW-PN and smartLink SW-HT Webserver modules allows overflow buffers.This issue affects: smartLink SW-PN: through 1.03 smartLink SW-HT: through 1.42...

9.2CVSS6AI score0.00493EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/16 1:14 p.m.24 views

CVE-2025-10685 HTTP POST with specific higher content length leads into heap corruption

Heap-based buffer overflow vulnerability in Softing Industrial Automation GmbH smartLink SW-PN and smartLink SW-HT Webserver modules allows overflow buffers.This issue affects: smartLink SW-PN: through 1.03 smartLink SW-HT: through 1.42...

9.2CVSS0.00493EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.4 views

PT-2026-25863

Name of the Vulnerable Software and Affected Versions Romeo versions prior to 0.2.2 Description Romeo, a Go code coverage tool, contains a path traversal flaw in the sanitizeArchivePath function located in webserver/api/v1/decoder.go lines 80-88. This is due to a missing trailing path separator i...

8.3CVSS6.5AI score0.00434EPSS
Exploits1References11
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.9 views

Softing smartLink SW-HT和Softing smartLink SW-PN 安全漏洞

Softing smartLink SW-HT and Softing smartLink SW-PN are both products of Softing Corporation. Softing smartLink SW-HT is a HART multiplexer that allows for easy and quick access to HART field devices without the need for additional hardware. Softing smartLink SW-PN is an industrial communication...

9.2CVSS6AI score0.00493EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.8 views

Softing smartLink SW-HT和Softing smartLink SW-PN 安全漏洞

Softing smartLink SW-HT and Softing smartLink SW-PN are both products of Softing Corporation. Softing smartLink SW-HT is a HART multiplexer that allows for easy and quick access to HART field devices without the need for additional hardware. Softing smartLink SW-PN is an industrial communication...

5.3CVSS5.8AI score0.00369EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.8 views

PT-2026-25711

Heap-based buffer overflow vulnerability in Softing Industrial Automation GmbH smartLink SW-PN and smartLink SW-HT Webserver modules allows overflow buffers.This issue affects: smartLink SW-PN: through 1.03 smartLink SW-HT: through 1.42...

9.2CVSS6AI score0.00493EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.6 views

PT-2026-25798

Name of the Vulnerable Software and Affected Versions Buffalo TeraStation NAS TS5400R versions 4.02-0.06 and earlier Description An excessive file permissions issue exists in Buffalo TeraStation NAS TS5400R. Authenticated attackers can read the /etc/shadow file by uploading and executing a PHP fi...

6.9CVSS5.8AI score0.00513EPSS
Exploits0References6
Snyk
Snyk
added 2026/03/13 6:56 p.m.5 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization in the file replace API. An attacker can delete files belonging to other users by abusing insufficient authorization checks on the deleteNewFile flag. Note: This is only exploitable if the attacker has permission...

6.6CVSS5.8AI score0.00179EPSS
Exploits0References2
NVD
NVD
added 2026/02/27 9:16 p.m.9 views

CVE-2026-28352

Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. In versions prior to 3.3.11, the API endpoint used to manage event series is missing an access check, allowing unauthenticated/unauthorized access to this endpoint. The impact of this ...

6.5CVSS0.00264EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/27 9:1 p.m.4 views

CVE-2026-28352

Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. In versions prior to 3.3.11, the API endpoint used to manage event series is missing an access check, allowing unauthenticated/unauthorized access to this endpoint. The impact of this ...

6.5CVSS5.9AI score0.00264EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/02/27 9:1 p.m.6 views

EUVD-2026-9071

Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. In versions prior to 3.3.11, the API endpoint used to manage event series is missing an access check, allowing unauthenticated/unauthorized access to this endpoint. The impact of this ...

6.5CVSS5.9AI score0.00264EPSS
Exploits0References2
Rows per page
Query Builder