Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08350)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method CreateProject, which can be exploited by an attacker to bypass...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08373)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an SQL injection in the LockTraceLevelSettings method, which can be exploited by an attacker to bypass...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08610)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an internal method, UnlockGateway, which can be exploited by an attacker to bypass authorization controls an...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08367)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an SQL injection in the GetLogs method, which can be exploited by an attacker to bypass authorization contro...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-09142)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that stems from the internally used 'LockProject' method. An attacker could exploit the vulnerability to cause bypass of...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08608)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an internal method, LockUser, which can be exploited by an attacker to bypass authorization controls and...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08354)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method UpdateUsers, which can be exploited by an attacker to bypass...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08353)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method UpdateDatabaseSettings, which can be exploited by an attacker to bypas...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-09140)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that stems from the internally used 'UnlockProject' method. An attacker could exploit the vulnerability to cause bypass of...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08593)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the UpdateWebServerGatewaySettings method, which can be exploited by an attacker to cause...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-09141)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that stems from the lack of proper filtering of input in the internally used 'DeleteProject' method. An attacker could exploit th...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08605)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an internal method LockGeneralSettings, which can be exploited by an attacker to bypass authorization contro...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-09148)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an internal method UpdateProjectCrossCommunications that can be exploited by an attacker to bypass...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08607)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an internal method, UnlockUser, which can be exploited by an attacker to bypass authorization controls and...

PCMan FTP Server MIC Command Buffer Overflow Vulnerability

PCMan FTP Server is a server software for file transfer protocol that provides file upload and download functions. A buffer overflow vulnerability exists in PCMan FTP Server that stems from the MIC Command Handler component failing to properly manage memory when processing a specific request. No...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08355)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method UpdateProjectConnections, which can be exploited by an attacker to...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08366)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an SQL injection in the ExportCertificate method, which can be exploited by an attacker to bypass...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08619)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an internal method UpdateProjectUserRights, which can be exploited by an attacker to bypass authorization...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08360)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method ActivateProject, which can be exploited by an attacker to bypass...

Unspecified Vulnerability in JetBrains Toolbox App (CNVD-2025-13584)

JetBrains Toolbox App is an application for managing JetBrains development tools, providing the ability to install, update and manage multiple JetBrains tools. A security vulnerability exists in JetBrains Toolbox App that stems from the lack of authentication of the host key in the SSH plugin. An...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08368)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an SQL injection in the CreateBackup method, which can be exploited by an attacker to bypass authorization...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08357)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method RestoreFromBackup, which can be exploited by an attacker to bypass...

Unspecified Vulnerability in JetBrains Toolbox App

JetBrains Toolbox App is an application for managing JetBrains development tools that helps users install, update and manage multiple JetBrains development tools. A security vulnerability exists in JetBrains Toolbox App that stems from unencrypted transmission of credentials during SSH...

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-17380)

Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server that originates from improper handling of the Server: DDL component and can be exploited by an attacker to cause a denial of service...

PCMan FTP Server Buffer Overflow Vulnerability (CNVD-2025-10691)

PCMan FTP Server is an FTP server software for file transfer. A buffer overflow vulnerability exists in PCMan FTP Server that stems from the SIZE command handler failing to properly validate input when processing a specific request. No detailed vulnerability details are provided at this time...

JetBrains Toolbox App Command Injection Vulnerability

JetBrains Toolbox App is an application for managing JetBrains development tools, providing installation, update, and management capabilities. JetBrains Toolbox App suffers from a command injection vulnerability that stems from the SSH plugin handling input improperly. An attacker could exploit t...

Memory release followed by re-exploitation vulnerability in several Apple products

visionOS is an AR eyewear system announced by Apple on June 6, 2023 at the 2023 Apple Worldwide Developers Conference, which will be featured for the first time in the Apple Vision Pro. tvOS is an iOS-based television operating system developed by Apple. watchOS is a set of watch operating system...

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-17375)

Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server, which originates from a flaw in the InnoDB component that can be exploited by attackers to cause data tampering...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08613)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an internal method, ImportConnectionVariables, which can be exploited by an attacker to bypass authorization...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08364)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that stems from an SQL injection in the ImportCertificate method, which can be exploited by an attacker to bypass authorization...

PCMan FTP Server Buffer Overflow Vulnerability (CNVD-2025-10693)

PCMan FTP Server is a server software for File Transfer Protocol FTP. A buffer overflow vulnerability exists in PCMan FTP Server that originates when the MODE Command Handler component fails to properly validate input data when processing a specific request. No detailed vulnerability details are...

Unspecified Vulnerability in Oracle MySQL (CNVD-2025-17366)

Oracle MySQL is an open source relational database management system.MySQL Client is a MySQL client, a program used to communicate with a server to process information in a database managed by the server. A security vulnerability exists in MySQL Client for Oracle MySQL, which stems from improper...

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-17368)

Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server, which originates from a flaw in the InnoDB component, and can be exploited by an attacker to cause a complete denial of service attack or data tampering...

Unspecified Vulnerability in Oracle MySQL (CNVD-2025-17378)

Oracle MySQL is an open source relational database management system.MySQL Client is a MySQL client, a program used to communicate with a server to process information in a database managed by the server. A security vulnerability exists in MySQL Cluster for Oracle MySQL, which stems from...

Mattermost Information Disclosure Vulnerability (CNVD-2025-11083)

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from an information disclosure vulnerability that can be exploited by an attacker to obtain sensitive information in archived channels...

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-17364)

Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server, which originates from a flaw in the stored procedure component and can be exploited by an attacker to cause a complete denial of service...

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-17365)

Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server that originates from improper handling of the Server: DML component and can be exploited by an attacker to cause a denial of service...

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-17367)

Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server, which originates from a flaw in the PS component and can be exploited by an attacker to cause a complete denial of service...

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-17370)

Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server, which originates from a flaw in the optimizer component and can be exploited by an attacker to cause a complete denial of service...

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-17372)

Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server, which originates from a flaw in the replication component and can be exploited by an attacker to cause a complete denial of service...

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-17376)

Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server, which can be exploited by attackers to cause a denial of service via multi-protocol network access...

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-17377)

Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server, which originates from a flaw in the replication component and can be exploited by an attacker to cause a complete denial of service...

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-17371)

Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server, which originates from a flaw in the optimizer component and can be exploited by an attacker to cause a complete denial of service...

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-17373)

Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server, which originates from a flaw in the optimizer component and can be exploited by an attacker to cause a complete denial of service...

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-17374)

Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server that originates from mishandling of the Server: Optimizer component and can be exploited by an attacker to cause a denial of service...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-09146)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that can be exploited by an attacker to cause remote code execution...

SonicWall NetExtender Windows client Privilege Mismanagement Vulnerability

SonicWall NetExtender Windows client is a Windows-based SSL VPN Virtual Private Network client application from SonicWALL USA. A privilege mismanagement vulnerability exists in the SonicWall NetExtender Windows client, which can be exploited by an attacker to modify the configuration and elevate...

Tenda AC10 AdvSetMacMtuWan Buffer Overflow Vulnerability

The Tenda AC10 is a high performance router designed with Gigabit ports for both WAN and LAN ports. The Tenda AC10 AdvSetMacMtuWan suffers from a buffer overflow vulnerability that can be exploited by an attacker to submit a special request and cause a denial of service attack...

ASUS AiCloud Improper Authentication Control Vulnerability

AiCloud is a cloud service from ASUS, designed to provide easy access to the data inside the router's back-up devices such as USBs or PCs, as well as uploading, downloading, playing music online, browsing documents online, sharing links to Facebook, and setting up Smart Sync to synchronize with t...

Google Chrome heap buffer overflow vulnerability (CNVD-2025-09156)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to submit a special Web request that can be tricked into being parsed by the user, crashing the application or executing arbitrary...