CVE-2026-26235 (v3: 7.5) 12 feb. 2026

JUNG Smart Visu Server 1.1.1050 contains a denial of service vulnerability that allows unauthenticated attackers to remotely shutdown or reboot the server. Attackers can send a single POST request to trigger the server reboot without requiring any authentication.

CVE-2026-26234 (v3: 8.8) 12 feb. 2026

JUNG Smart Visu Server 1.1.1050 contains a request header manipulation vulnerability that allows unauthenticated attackers to override request URLs by injecting arbitrary values in the X-Forwarded-Host header. Attackers can manipulate proxied requests to generate tainted responses, enabling cache poisoning, potential phishing, and redirecting users to malicious domains.

CVE-2026-1537 (v3: 5.3) 12 feb. 2026

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the load_step() function in all versions up to, and including, 5.2.6. This makes it possible for unauthenticated attackers to view booking information including customer names, email addresses, phone numbers, appointment times, and service details.

CVE-2026-23857 (v3: 8.2) 12 feb. 2026

Dell Update Package (DUP) Framework, versions 23.12.00 through 24.12.00, contains an Improper Handling of Insufficient Permissions or Privileges vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.

CVE-2026-23856 (v3: 7.8) 12 feb. 2026

Dell iDRAC Service Module (iSM) for Windows, versions prior to 6.0.3.1, and Dell iDRAC Service Module (iSM) for Linux, versions prior to 5.4.1.1, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.

CVE-2026-0969 (v3: 8.8) 12 feb. 2026

The serialize function used to compile MDX in next-mdx-remote is vulnerable to arbitrary code execution due to insufficient sanitization of MDX content.

CVE-2026-1729 (v3: 9.8) 12 feb. 2026

The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 6.0.12. This is due to the plugin not properly verifying a user's identity prior to authenticating them through the 'sb_login_user_with_otp_fun' function. This makes it possible for unauthenticated attackers to log in as arbitrary users, including administrators.

CVE-2026-26215 11 feb. 2026

manga-image-translator version beta-0.3 and prior in shared API mode contains an unsafe deserialization vulnerability that can lead to unauthenticated remote code execution. The FastAPI endpoints /simple_execute/{method} and /execute/{method} deserialize attacker-controlled request bodies using pickle.loads() without validation. Although a nonce-based authorization check is intended to restrict access, the nonce defaults to an empty string and the check is skipped, allowing remote attackers to execute arbitrary code in the server context by sending a crafted pickle payload.

CVE-2026-20700 11 feb. 2026

A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An attacker with memory write capability may be able to execute arbitrary code. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 and CVE-2025-43529 were also issued in response to this report.

CVE-2026-20682 11 feb. 2026

A logic issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. An attacker may be able to discover a user’s deleted notes.

CVE-2026-20681 11 feb. 2026

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Tahoe 26.3. An app may be able to access information about a user's contacts.

CVE-2026-20680 11 feb. 2026

The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3. A sandboxed app may be able to access sensitive user data.

CVE-2026-20678 11 feb. 2026

An authorization issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. An app may be able to access sensitive user data.

CVE-2026-20677 11 feb. 2026

A race condition was addressed with improved handling of symbolic links. This issue is fixed in macOS Tahoe 26.3, macOS Sonoma 14.8.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. A shortcut may be able to bypass sandbox restrictions.

CVE-2026-20676 11 feb. 2026

This issue was addressed through improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, Safari 26.3, macOS Tahoe 26.3, visionOS 26.3. A website may be able to track users through Safari web extensions.

CVE-2026-20675 11 feb. 2026

The issue was addressed with improved bounds checks. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. Processing a maliciously crafted image may lead to disclosure of user information.

CVE-2026-20674 11 feb. 2026

A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 26.3 and iPadOS 26.3. An attacker with physical access to a locked device may be able to view sensitive user information.

CVE-2026-20673 11 feb. 2026

A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, macOS Tahoe 26.3, macOS Sonoma 14.8.4. Turning off "Load remote content in messages” may not apply to all mail previews.

CVE-2026-20671 11 feb. 2026

A logic issue was addressed with improved checks. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An attacker in a privileged network position may be able to intercept network traffic.

CVE-2026-20669 11 feb. 2026

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Tahoe 26.3. An app may be able to access sensitive user data.

CVE-2026-20667 11 feb. 2026

A logic issue was addressed with improved checks. This issue is fixed in watchOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 26.3 and iPadOS 26.3. An app may be able to break out of its sandbox.

CVE-2026-20666 11 feb. 2026

An authorization issue was addressed with improved state management. This issue is fixed in macOS Tahoe 26.3. An app may be able to access sensitive user data.

CVE-2026-20663 11 feb. 2026

The issue was resolved by sanitizing logging. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. An app may be able to enumerate a user's installed apps.

CVE-2026-20662 11 feb. 2026

An authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3. An attacker with physical access to a locked device may be able to view sensitive user information.

CVE-2026-20661 11 feb. 2026

An authorization issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. An attacker with physical access to a locked device may be able to view sensitive user information.

CVE-2026-20660 11 feb. 2026

A path handling issue was addressed with improved logic. This issue is fixed in macOS Tahoe 26.3, macOS Sonoma 14.8.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3, Safari 26.3. A remote user may be able to write arbitrary files.

CVE-2026-20658 11 feb. 2026

A package validation issue was addressed by blocking the vulnerable package. This issue is fixed in macOS Tahoe 26.3. An app may be able to gain root privileges.

CVE-2026-20656 11 feb. 2026

A logic issue was addressed with improved validation. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, Safari 26.3, macOS Tahoe 26.3. An app may be able to access a user's Safari history.

CVE-2026-20655 11 feb. 2026

An authorization issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. An attacker with physical access to a locked device may be able to view sensitive user information.

CVE-2026-20654 11 feb. 2026

The issue was addressed with improved memory handling. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An app may be able to cause unexpected system termination.

CVE-2026-20653 11 feb. 2026

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An app may be able to access sensitive user data.

CVE-2026-20652 11 feb. 2026

The issue was addressed with improved memory handling. This issue is fixed in macOS Tahoe 26.3, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3, Safari 26.3. A remote attacker may be able to cause a denial-of-service.

CVE-2026-20650 11 feb. 2026

A denial-of-service issue was addressed with improved validation. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An attacker in a privileged network position may be able to perform denial-of-service attack using crafted Bluetooth packets.

CVE-2026-20649 11 feb. 2026

A logging issue was addressed with improved data redaction. This issue is fixed in watchOS 26.3, iOS 26.3 and iPadOS 26.3, tvOS 26.3, macOS Tahoe 26.3. A user may be able to view sensitive user information.

CVE-2026-20648 11 feb. 2026

A privacy issue was addressed by moving sensitive data to a protected location. This issue is fixed in macOS Tahoe 26.3. A malicious app may be able to access notifications from other iCloud devices.

CVE-2026-20647 11 feb. 2026

This issue was addressed with improved data protection. This issue is fixed in macOS Tahoe 26.3. An app may be able to access sensitive user data.

CVE-2026-20646 11 feb. 2026

A logging issue was addressed with improved data redaction. This issue is fixed in macOS Tahoe 26.3. A malicious app may be able to read sensitive location information.

CVE-2026-20645 11 feb. 2026

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. An attacker with physical access to a locked device may be able to view sensitive user information.

CVE-2026-20644 11 feb. 2026

The issue was addressed with improved memory handling. This issue is fixed in macOS Tahoe 26.3, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3, Safari 26.3. Processing maliciously crafted web content may lead to an unexpected process crash.

CVE-2026-20642 11 feb. 2026

An input validation issue was addressed. This issue is fixed in iOS 26.3 and iPadOS 26.3. A person with physical access to an iOS device may be able to access photos from the lock screen.

CVE-2026-20641 11 feb. 2026

A privacy issue was addressed with improved checks. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An app may be able to identify what other apps a user has installed.

CVE-2026-20640 11 feb. 2026

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3. An attacker with physical access to iPhone may be able to take and view screenshots of sensitive data from the iPhone during iPhone Mirroring with Mac.

CVE-2026-20638 11 feb. 2026

A logic issue was addressed with improved checks. This issue is fixed in iOS 26.3 and iPadOS 26.3. A user with Live Caller ID app extensions turned off could have identifying information leaked to the extensions.

CVE-2026-20636 11 feb. 2026

The issue was addressed with improved memory handling. This issue is fixed in iOS 26.3 and iPadOS 26.3, Safari 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash.

CVE-2026-20635 11 feb. 2026

The issue was addressed with improved memory handling. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3, Safari 26.3. Processing maliciously crafted web content may lead to an unexpected process crash.

CVE-2026-20634 11 feb. 2026

The issue was addressed with improved memory handling. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. Processing a maliciously crafted image may result in disclosure of process memory.

CVE-2026-20630 11 feb. 2026

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.3. An app may be able to access protected user data.

CVE-2026-20629 11 feb. 2026

A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Tahoe 26.3. An app may be able to access user-sensitive data.

CVE-2026-20628 11 feb. 2026

A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An app may be able to break out of its sandbox.

CVE-2026-20627 11 feb. 2026

An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in watchOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An app may be able to access sensitive user data.

CVE-2025-67135 11 feb. 2026

Weak Security in the PF-50 1.2 keyfob of PGST PG107 Alarm System 1.25.05.hf allows attackers to compromise access control via a code replay attack.

CVE-2025-64074 11 feb. 2026

A path-traversal vulnerability in the logout functionality of Shenzhen Zhibotong Electronics ZBT WE2001 23.09.27 allows remote attackers to delete arbitrary files on the host by supplying a crafted session cookie value.

CVE-2025-46310 11 feb. 2026

This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4. An attacker with root privileges may be able to delete protected system files.

CVE-2025-46305 11 feb. 2026

The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, macOS Sonoma 14.8.4. A malicious HID device may cause an unexpected process crash.

CVE-2025-46304 11 feb. 2026

The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, macOS Sonoma 14.8.4. A malicious HID device may cause an unexpected process crash.

CVE-2025-46303 11 feb. 2026

The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, macOS Sonoma 14.8.4. A malicious HID device may cause an unexpected process crash.

CVE-2025-46302 11 feb. 2026

The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, macOS Sonoma 14.8.4. A malicious HID device may cause an unexpected process crash.

CVE-2025-46301 11 feb. 2026

The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, macOS Sonoma 14.8.4. A malicious HID device may cause an unexpected process crash.

CVE-2025-46300 11 feb. 2026

The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, macOS Sonoma 14.8.4. A malicious HID device may cause an unexpected process crash.

CVE-2025-46290 11 feb. 2026

A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4. A remote attacker may be able to cause a denial-of-service.

CVE-2025-43537 11 feb. 2026

A path handling issue was addressed with improved validation. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5. Restoring a maliciously crafted backup file may lead to modification of protected system files.

CVE-2025-43417 11 feb. 2026

A path handling issue was addressed with improved logic. This issue is fixed in macOS Sonoma 14.8.4. An app may be able to access user-sensitive data.

CVE-2025-43403 11 feb. 2026

An authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4. An app may be able to access sensitive user data.

CVE-2025-68663 11 feb. 2026

Outline is a service that allows for collaborative documentation. Prior to 1.1.0, a vulnerability was found in Outline's WebSocket authentication mechanism that allows suspended users to maintain or establish real-time WebSocket connections and continue receiving sensitive operational updates after their account has been suspended. This vulnerability is fixed in 1.1.0.

CVE-2025-64487 (v3: 7.6) 11 feb. 2026

Outline is a service that allows for collaborative documentation. Prior to 1.1.0, a privilege escalation vulnerability exists in the Outline document management system due to inconsistent authorization checks between user and group membership management endpoints. This vulnerability is fixed in 1.1.0.

CVE-2025-70297 11 feb. 2026

A stored cross-site scripting (XSS) vulnerability in the recipe asset upload and media serving component in Mealie 3.3.1 allows remote authenticated users to inject arbitrary web script or HTML via an uploaded SVG file that is served as image/svg+xml and rendered by a victim s browser.

CVE-2025-70296 11 feb. 2026

A stored HTML injection vulnerability in the Recipe Notes rendering component in Mealie 3.3.1 allows remote authenticated users to inject arbitrary HTML, resulting in user interface redressing within the recipe view.

CVE-2025-69873 11 feb. 2026

ajv (Another JSON Schema Validator) through version 8.17.1 is vulnerable to Regular Expression Denial of Service (ReDoS) when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax ($data reference), which is passed directly to the JavaScript RegExp() constructor without validation. An attacker can inject a malicious regex pattern (e.g., "^(a|a)*$") combined with crafted input to cause catastrophic backtracking. A 31-character payload causes approximately 44 seconds of CPU blocking, with each additional character doubling execution time. This enables complete denial of service with a single HTTP request against any API using ajv with $data: true for dynamic schema validation.

CVE-2025-69872 11 feb. 2026

DiskCache (python-diskcache) through 5.6.3 uses Python pickle for serialization by default. An attacker with write access to the cache directory can achieve arbitrary code execution when a victim application reads from the cache.

CVE-2025-69871 11 feb. 2026

A race condition vulnerability exists in MedusaJS Medusa v2.12.2 and earlier in the registerUsage() function of the promotion module. The function performs a non-atomic read-check-update operation when enforcing promotion usage limits. This allows unauthenticated remote attackers to bypass usage limits by sending concurrent checkout requests, resulting in unlimited redemptions of limited-use promotional codes and potential financial loss.

CVE-2025-70085 11 feb. 2026

An issue was discovered in OpenSatKit 2.2.1. The EventErrStr buffer has a fixed size of 256 bytes. The code uses sprintf to format two filenames (Source1Filename and the string returned by FileUtil_FileStateStr) into this buffer without any length checking and without using bounded format specifiers such as %.*s. If the filename length approaches OS_MAX_PATH_LEN (commonly 64-256 bytes), the combined formatted string together with constant text can exceed 256 bytes, resulting in a stack buffer overflow. Such unsafe sprintf calls are scattered across multiple functions in file.c, including FILE_ConcatenateCmd() and ConcatenateFiles(), all of which fail to validate the output length.

CVE-2025-70084 11 feb. 2026

Directory traversal vulnerability in OpenSatKit 2.2.1 allows attackers to gain access to sensitive information or delete arbitrary files via crafted value to the FileUtil_GetFileInfo function.

CVE-2025-70083 11 feb. 2026

An issue was discovered in OpenSatKit 2.2.1. The DirName field in the telecommand is provided by the ground segment and must be treated as untrusted input. The program copies DirName into the local buffer DirWithSep using strcpy. The size of this buffer is OS_MAX_PATH_LEN. If the length of DirName is greater than or equal to OS_MAX_PATH_LEN, a stack buffer overflow occurs, overwriting adjacent stack memory. The path length check (FileUtil_AppendPathSep) is performed after the strcpy operation, meaning the validation occurs too late and cannot prevent the overflow.

CVE-2025-70029 11 feb. 2026

An issue in Sunbird-Ed SunbirdEd-portal v1.13.4 allows attackers to obtain sensitive information. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in HTTP request options

CVE-2025-69874 11 feb. 2026

nanotar through 0.2.0 has a path traversal vulnerability in parseTar() and parseTarGzip() that allows remote attackers to write arbitrary files outside the intended extraction directory via a crafted tar archive containing path traversal sequence.

CVE-2025-65480 11 feb. 2026

An issue was discovered in Pacom Unison Client 5.13.1. Authenticated users can inject malicious scripts in the Report Templates which are executed when certain script conditions are fulfilled, leading to Remote Code Execution.

CVE-2025-65128 11 feb. 2026

A missing authentication mechanism in the web management API components of Shenzhen Zhibotong Electronics ZBT WE2001 23.09.27 allows unauthenticated attackers on the local network to modify router and network configurations. By invoking operations whose names end with "*_nocommit" and supplying the parameters expected by the invoked function, an attacker can change configuration data, including SSID, Wi-Fi credentials, and administrative passwords, without authentication or an existing session.

CVE-2025-65127 11 feb. 2026

A lack of session validation in the web API component of Shenzhen Zhibotong Electronics ZBT WE2001 23.09.27 allows remote unauthenticated attackers to access administrative information-retrieval functions intended for authenticated users. By invoking "get_*" operations, attackers can obtain device configuration data, including plaintext credentials, without authentication or an existing session.

CVE-2025-13391 (v3: 5.8) 11 feb. 2026

The Product Options and Price Calculation Formulas for WooCommerce – Uni CPO (Premium) plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'uni_cpo_remove_file' function in all versions up to, and including, 4.9.60. This makes it possible for unauthenticated attackers to delete arbitrary attachments or files stored in Dropbox if the file path is known. The vulnerability was partially patched in version 4.9.60.

CVE-2025-64075 (v3: 10) 11 feb. 2026

A path traversal vulnerability in the check_token function of Shenzhen Zhibotong Electronics ZBT WE2001 23.09.27 allows remote attackers to bypass authentication and perform administrative actions by supplying a crafted session cookie value.

CVE-2025-12474 11 feb. 2026

A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized (but allocated) memory. This can be done by causing the decoder to reference an outside-image-bound area in a subsequent patches. An incorrect optimization causes the decoder to omit populating those areas.

CVE-2025-61969 11 feb. 2026

Incorrect permission assignment in AMD µProf may allow a local user-privileged attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.

CVE-2025-52541 (v3: 7.3) 11 feb. 2026

A DLL hijacking vulnerability in Vivado could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.

CVE-2025-48518 11 feb. 2026

Improper input validation in AMD Graphics Driver could allow a local attacker to write out of bounds, potentially resulting in loss of integrity or denial of service.

CVE-2025-48508 (v3: 6) 11 feb. 2026

Improper Hardware reset flow logic in the GPU GFX Hardware IP block could allow a privileged attacker in a guest virtual machine to control reset operation potentially causing host or GPU crash or reset resulting in denial of service.

CVE-2025-48503 (v3: 7.8) 11 feb. 2026

A DLL hijacking vulnerability in the AMD Software Installer could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.

CVE-2025-12059 (v3: 9.8) 11 feb. 2026

Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in Logo Software Industry and Trade Inc. Logo j-Platform allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Logo j-Platform: from 3.29.6.4 through 13112025.

CVE-2025-8668 (v3: 9.4) 11 feb. 2026

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in E-Kalite Software Hardware Engineering Design and Internet Services Industry and Trade Ltd. Co. Turboard allows Reflected XSS.This issue affects Turboard: from 2025.07 through 11022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-8025 (v3: 9.8) 11 feb. 2026

Missing Authentication for Critical Function, Improper Access Control vulnerability in Dinosoft Business Solutions Dinosoft ERP allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Dinosoft ERP: from < 3.0.1 through 11022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-68406 11 feb. 2026

A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later

CVE-2025-66278 11 feb. 2026

A path traversal vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5190 and later

CVE-2025-66277 11 feb. 2026

A link following vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to traverse the file system to unintended locations. We have already fixed the vulnerability in the following versions: QTS 5.2.8.3350 build 20251216 and later QuTS hero h5.3.2.3354 build 20251225 and later QuTS hero h5.2.8.3350 build 20251216 and later

CVE-2025-66274 11 feb. 2026

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: QuTS hero h5.3.2.3354 build 20251225 and later

CVE-2025-62856 11 feb. 2026

A path traversal vulnerability has been reported to affect File Station 5. If a local attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5190 and later

CVE-2025-62855 11 feb. 2026

A path traversal vulnerability has been reported to affect File Station 5. If a local attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5190 and later

CVE-2025-62854 11 feb. 2026

An uncontrolled resource consumption vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5190 and later

CVE-2025-62853 11 feb. 2026

A path traversal vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5166 and later

CVE-2025-59386 11 feb. 2026

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: QuTS hero h5.3.2.3354 build 20251225 and later

CVE-2025-58472 11 feb. 2026

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later

CVE-2025-58471 11 feb. 2026

An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: Qsync Central 5.2.0.1 ( 2025/12/21 ) and later

CVE-2024-50619 11 feb. 2026

Vulnerabilities in the My Account and User Management components in CIPPlanner CIPAce before 9.17 allows attackers to escalate their access levels. A low-privileged authenticated user can gain access to other people's accounts by tampering with the client's user id to change their account information. A low-privileged authenticated user can elevate his or her system privileges by modifying the information of a user role that is disabled in the client.

CVE-2024-50617 11 feb. 2026

Vulnerabilities in the File Download and Get File handler components in CIPPlanner CIPAce before 9.17 allow attackers to download unauthorized files. An authenticated user can easily change the file id parameter or pass the physical file path in the URL query string to retrieve the files. (Retrieval is not intended without correct data access configured for documents.)

CVE-2024-50620 11 feb. 2026

Unrestricted Upload of File with Dangerous Type vulnerabilities exist in the rich text editor and document manage components in CIPPlanner CIPAce before 9.17. An authorized user can upload executable files when inserting images in the rich text editor, and upload executable files when uploading files on the document management page. Those executables can be executed if they are not stored in a shared directory or if the storage directory has executed permissions.

CVE-2024-50618 11 feb. 2026

A Use of Single-factor Authentication vulnerability in the Authentication component of CIPPlanner CIPAce before 9.17 allows attackers to bypass a protection mechanism. When the system is configured to allow login with internal accounts, an attacker can possibly obtain full authentication if the secret in a single-factor authentication scheme gets compromised.

CVE-2024-26480 11 feb. 2026

An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted request to the admin parameter.

CVE-2024-26479 11 feb. 2026

An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted request to the Command execution function.

CVE-2024-26478 11 feb. 2026

An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted request to the /api/users endpoint.

CVE-2024-26477 11 feb. 2026

An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted request to the api parameter of the oauth, amazon_sns, export endpoints.

CVE-2024-36324 (v3: 8.8) 11 feb. 2026

Improper input validation in AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution.

CVE-2024-36320 11 feb. 2026

Integer Overflow within atihdwt6.sys can allow a local attacker to cause out of bound read/write potentially leading to loss of confidentiality, integrity and availability

CVE-2024-36316 (v3: 5.5) 11 feb. 2026

The integer overflow vulnerability within AMD Graphics driver could allow an attacker to bypass size checks potentially resulting in a denial of service

CVE-2024-56808 11 feb. 2026

A command injection vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access who have also gained a user account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following version: Media Streaming add-on 500.1.1.6 ( 2024/08/02 ) and later

CVE-2024-56807 11 feb. 2026

An out-of-bounds read vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: Media Streaming add-on 500.1.1.6 ( 2024/08/02 ) and later

CVE-2024-36355 10 feb. 2026

Improper input validation in the SMM handler could allow an attacker with Ring0 access to write to SMRAM and modify execution flow for S3 (sleep) wake up, potentially resulting in arbitrary code execution.

CVE-2024-36311 10 feb. 2026

A Time-of-check time-of-use (TOCTOU) race condition in the SMM communications buffer could allow a privileged attacker to bypass input validation and perform an out of bounds read or write, potentially resulting in loss of confidentiality, integrity, or availability.

CVE-2024-36310 10 feb. 2026

Improper input validation in the SMM communications buffer could allow a privileged attacker to perform an out of bounds read or write to SMRAM potentially resulting in loss of confidentiality or integrity.

CVE-2024-21953 10 feb. 2026

Improper input validation in IOMMU could allow a malicious hypervisor to reconfigure IOMMU registers resulting in loss of guest data integrity.

CVE-2024-36355 10 feb. 2026

Improper input validation in the SMM handler could allow an attacker with Ring0 access to write to SMRAM and modify execution flow for S3 (sleep) wake up, potentially resulting in arbitrary code execution.

CVE-2024-36311 10 feb. 2026

A Time-of-check time-of-use (TOCTOU) race condition in the SMM communications buffer could allow a privileged attacker to bypass input validation and perform an out of bounds read or write, potentially resulting in loss of confidentiality, integrity, or availability.

CVE-2024-36310 10 feb. 2026

Improper input validation in the SMM communications buffer could allow a privileged attacker to perform an out of bounds read or write to SMRAM potentially resulting in loss of confidentiality or integrity.

CVE-2024-21953 10 feb. 2026

Improper input validation in IOMMU could allow a malicious hypervisor to reconfigure IOMMU registers resulting in loss of guest data integrity.

CVE-2024-54192 (v3: 5) 10 feb. 2026

An issue inTcpreplay v4.5.1 allows a local attacker to cause a denial of service via a crafted file to the tcpedit_dlt_getplugin function at src/tcpedit/plugins/dlt_utils.c.

CVE-2024-54192 (v3: 5) 10 feb. 2026

An issue inTcpreplay v4.5.1 allows a local attacker to cause a denial of service via a crafted file to the tcpedit_dlt_getplugin function at src/tcpedit/plugins/dlt_utils.c.

CVE-2024-52334 (v3: 5.3) 10 feb. 2026

A vulnerability has been identified in syngo.plaza VB30E (All versions < VB30E_HF07). The affected application does not encrypt the passwords properly. This could allow an attacker to recover the original passwords and might gain unauthorized access.

CVE-2024-52334 (v3: 5.3) 10 feb. 2026

A vulnerability has been identified in syngo.plaza VB30E (All versions < VB30E_HF07). The affected application does not encrypt the passwords properly. This could allow an attacker to recover the original passwords and might gain unauthorized access.

CVE-2024-51451 (v3: 6.5) 4 feb. 2026

IBM Concert 1.0.0 through 2.1.0 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking.

CVE-2024-43181 (v3: 6.3) 4 feb. 2026

IBM Concert 1.0.0 through 2.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.

CVE-2024-40685 (v3: 4.3) 4 feb. 2026

IBM Operations Analytics – Log Analysis versions 1.3.5.0 through 1.3.8.3 and IBM SmartCloud Analytics – Log Analysis are vulnerable to a cross-site request forgery (CSRF) vulnerability that could allow an attacker to trick a trusted user into performing unauthorized actions.

CVE-2024-51451 (v3: 6.5) 4 feb. 2026

IBM Concert 1.0.0 through 2.1.0 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking.

CVE-2024-43181 (v3: 6.3) 4 feb. 2026

IBM Concert 1.0.0 through 2.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.

CVE-2024-40685 (v3: 4.3) 4 feb. 2026

IBM Operations Analytics – Log Analysis versions 1.3.5.0 through 1.3.8.3 and IBM SmartCloud Analytics – Log Analysis are vulnerable to a cross-site request forgery (CSRF) vulnerability that could allow an attacker to trick a trusted user into performing unauthorized actions.

CVE-2024-51451 (v3: 6.5) 4 feb. 2026

IBM Concert 1.0.0 through 2.1.0 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking.

CVE-2024-43181 (v3: 6.3) 4 feb. 2026

IBM Concert 1.0.0 through 2.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.

CVE-2024-40685 (v3: 4.3) 4 feb. 2026

IBM Operations Analytics – Log Analysis versions 1.3.5.0 through 1.3.8.3 and IBM SmartCloud Analytics – Log Analysis are vulnerable to a cross-site request forgery (CSRF) vulnerability that could allow an attacker to trick a trusted user into performing unauthorized actions.

CVE-2024-51451 (v3: 6.5) 4 feb. 2026

IBM Concert 1.0.0 through 2.1.0 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking.

CVE-2024-43181 (v3: 6.3) 4 feb. 2026

IBM Concert 1.0.0 through 2.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.

CVE-2024-40685 (v3: 4.3) 4 feb. 2026

IBM Operations Analytics – Log Analysis versions 1.3.5.0 through 1.3.8.3 and IBM SmartCloud Analytics – Log Analysis are vulnerable to a cross-site request forgery (CSRF) vulnerability that could allow an attacker to trick a trusted user into performing unauthorized actions.

CVE-2024-51451 (v3: 6.5) 4 feb. 2026

IBM Concert 1.0.0 through 2.1.0 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking.

CVE-2024-43181 (v3: 6.3) 4 feb. 2026

IBM Concert 1.0.0 through 2.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.

CVE-2024-40685 (v3: 4.3) 4 feb. 2026

IBM Operations Analytics – Log Analysis versions 1.3.5.0 through 1.3.8.3 and IBM SmartCloud Analytics – Log Analysis are vulnerable to a cross-site request forgery (CSRF) vulnerability that could allow an attacker to trick a trusted user into performing unauthorized actions.

CVE-2024-51451 (v3: 6.5) 4 feb. 2026

IBM Concert 1.0.0 through 2.1.0 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking.

CVE-2024-43181 (v3: 6.3) 4 feb. 2026

IBM Concert 1.0.0 through 2.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.

CVE-2024-40685 (v3: 4.3) 4 feb. 2026

IBM Operations Analytics – Log Analysis versions 1.3.5.0 through 1.3.8.3 and IBM SmartCloud Analytics – Log Analysis are vulnerable to a cross-site request forgery (CSRF) vulnerability that could allow an attacker to trick a trusted user into performing unauthorized actions.

CVE-2024-51451 (v3: 6.5) 4 feb. 2026

IBM Concert 1.0.0 through 2.1.0 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking.

CVE-2024-43181 (v3: 6.3) 4 feb. 2026

IBM Concert 1.0.0 through 2.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.

CVE-2024-40685 (v3: 4.3) 4 feb. 2026

IBM Operations Analytics – Log Analysis versions 1.3.5.0 through 1.3.8.3 and IBM SmartCloud Analytics – Log Analysis are vulnerable to a cross-site request forgery (CSRF) vulnerability that could allow an attacker to trick a trusted user into performing unauthorized actions.

CVE-2024-51451 (v3: 6.5) 4 feb. 2026

IBM Concert 1.0.0 through 2.1.0 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking.

CVE-2024-43181 (v3: 6.3) 4 feb. 2026

IBM Concert 1.0.0 through 2.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.

CVE-2024-40685 (v3: 4.3) 4 feb. 2026

IBM Operations Analytics – Log Analysis versions 1.3.5.0 through 1.3.8.3 and IBM SmartCloud Analytics – Log Analysis are vulnerable to a cross-site request forgery (CSRF) vulnerability that could allow an attacker to trick a trusted user into performing unauthorized actions.

CVE-2024-39724 (v3: 5.3) 4 feb. 2026

IBM Db2 Big SQL on Cloud Pak for Data versions 7.6 (on CP4D 4.8), 7.7 (on CP4D 5.0), and 7.8 (on CP4D 5.1) do not properly limit the allocation of system resources. An authenticated user with internal knowledge of the environment could exploit this weakness to cause a denial of service.

CVE-2023-31324 11 feb. 2026

A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify External Global Memory Interconnect Trusted Agent (XGMI TA) commands as they are processed potentially resulting in loss of confidentiality, integrity, or availability.

CVE-2023-20548 11 feb. 2026

A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to corrupt memory resulting in loss of integrity, confidentiality, or availability.

CVE-2023-20514 11 feb. 2026

Improper handling of parameters in the AMD Secure Processor (ASP) could allow a privileged attacker to pass an arbitrary memory value to functions in the trusted execution environment resulting in arbitrary code execution

CVE-2023-6763 6 feb. 2026

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

CVE-2023-6763 6 feb. 2026

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

CVE-2023-6763 6 feb. 2026

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

CVE-2023-6763 6 feb. 2026

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

CVE-2023-6763 6 feb. 2026

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

CVE-2023-6763 6 feb. 2026

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

CVE-2023-38281 (v3: 5.3) 4 feb. 2026

IBM Cloud Pak System does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic.

CVE-2023-38017 (v3: 5.3) 4 feb. 2026

IBM Cloud Pak System is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE-2023-38281 (v3: 5.3) 4 feb. 2026

IBM Cloud Pak System does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic.

CVE-2023-38017 (v3: 5.3) 4 feb. 2026

IBM Cloud Pak System is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE-2023-38281 (v3: 5.3) 4 feb. 2026

IBM Cloud Pak System does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic.

CVE-2023-38017 (v3: 5.3) 4 feb. 2026

IBM Cloud Pak System is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE-2023-38281 (v3: 5.3) 4 feb. 2026

IBM Cloud Pak System does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic.

CVE-2023-38017 (v3: 5.3) 4 feb. 2026

IBM Cloud Pak System is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE-2023-38281 (v3: 5.3) 4 feb. 2026

IBM Cloud Pak System does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic.

CVE-2023-38017 (v3: 5.3) 4 feb. 2026

IBM Cloud Pak System is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE-2023-38281 (v3: 5.3) 4 feb. 2026

IBM Cloud Pak System does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic.

CVE-2023-38017 (v3: 5.3) 4 feb. 2026

IBM Cloud Pak System is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE-2023-38281 (v3: 5.3) 4 feb. 2026

IBM Cloud Pak System does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic.

CVE-2023-38017 (v3: 5.3) 4 feb. 2026

IBM Cloud Pak System is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE-2023-38281 (v3: 5.3) 4 feb. 2026

IBM Cloud Pak System does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic.

CVE-2023-38017 (v3: 5.3) 4 feb. 2026

IBM Cloud Pak System is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE-2023-38010 (v3: 5.3) 4 feb. 2026

IBM Cloud Pak System displays sensitive information in user messages that could aid in further attacks against the system.

CVE-2023-38010 (v3: 5.3) 4 feb. 2026

IBM Cloud Pak System displays sensitive information in user messages that could aid in further attacks against the system.

CVE-2023-38010 (v3: 5.3) 4 feb. 2026

IBM Cloud Pak System displays sensitive information in user messages that could aid in further attacks against the system.

CVE-2023-38010 (v3: 5.3) 4 feb. 2026

IBM Cloud Pak System displays sensitive information in user messages that could aid in further attacks against the system.

CVE-2023-38010 (v3: 5.3) 4 feb. 2026

IBM Cloud Pak System displays sensitive information in user messages that could aid in further attacks against the system.

CVE-2023-38010 (v3: 5.3) 4 feb. 2026

IBM Cloud Pak System displays sensitive information in user messages that could aid in further attacks against the system.

CVE-2023-38010 (v3: 5.3) 4 feb. 2026

IBM Cloud Pak System displays sensitive information in user messages that could aid in further attacks against the system.

CVE-2023-38010 (v3: 5.3) 4 feb. 2026

IBM Cloud Pak System displays sensitive information in user messages that could aid in further attacks against the system.

CVE-2023-54343 (v3: 6.4) 1 feb. 2026

QWE DL 2.0.1 mobile web application contains a persistent input validation vulnerability allowing remote attackers to inject malicious script code through path parameter manipulation. Attackers can exploit the vulnerability to execute persistent cross-site scripting attacks, potentially leading to session hijacking and application module manipulation.

CVE-2023-54343 (v3: 6.4) 1 feb. 2026

QWE DL 2.0.1 mobile web application contains a persistent input validation vulnerability allowing remote attackers to inject malicious script code through path parameter manipulation. Attackers can exploit the vulnerability to execute persistent cross-site scripting attacks, potentially leading to session hijacking and application module manipulation.

CVE-2023-54343 (v3: 6.4) 1 feb. 2026

QWE DL 2.0.1 mobile web application contains a persistent input validation vulnerability allowing remote attackers to inject malicious script code through path parameter manipulation. Attackers can exploit the vulnerability to execute persistent cross-site scripting attacks, potentially leading to session hijacking and application module manipulation.

CVE-2023-54343 (v3: 6.4) 1 feb. 2026

QWE DL 2.0.1 mobile web application contains a persistent input validation vulnerability allowing remote attackers to inject malicious script code through path parameter manipulation. Attackers can exploit the vulnerability to execute persistent cross-site scripting attacks, potentially leading to session hijacking and application module manipulation.

CVE-2023-54343 (v3: 6.4) 1 feb. 2026

QWE DL 2.0.1 mobile web application contains a persistent input validation vulnerability allowing remote attackers to inject malicious script code through path parameter manipulation. Attackers can exploit the vulnerability to execute persistent cross-site scripting attacks, potentially leading to session hijacking and application module manipulation.

CVE-2023-54343 (v3: 6.4) 1 feb. 2026

QWE DL 2.0.1 mobile web application contains a persistent input validation vulnerability allowing remote attackers to inject malicious script code through path parameter manipulation. Attackers can exploit the vulnerability to execute persistent cross-site scripting attacks, potentially leading to session hijacking and application module manipulation.

CVE-2023-54343 (v3: 6.4) 1 feb. 2026

QWE DL 2.0.1 mobile web application contains a persistent input validation vulnerability allowing remote attackers to inject malicious script code through path parameter manipulation. Attackers can exploit the vulnerability to execute persistent cross-site scripting attacks, potentially leading to session hijacking and application module manipulation.

CVE-2023-54343 (v3: 6.4) 1 feb. 2026

QWE DL 2.0.1 mobile web application contains a persistent input validation vulnerability allowing remote attackers to inject malicious script code through path parameter manipulation. Attackers can exploit the vulnerability to execute persistent cross-site scripting attacks, potentially leading to session hijacking and application module manipulation.

CVE-2023-54343 (v3: 6.4) 1 feb. 2026

QWE DL 2.0.1 mobile web application contains a persistent input validation vulnerability allowing remote attackers to inject malicious script code through path parameter manipulation. Attackers can exploit the vulnerability to execute persistent cross-site scripting attacks, potentially leading to session hijacking and application module manipulation.

CVE-2023-54343 (v3: 6.4) 1 feb. 2026

QWE DL 2.0.1 mobile web application contains a persistent input validation vulnerability allowing remote attackers to inject malicious script code through path parameter manipulation. Attackers can exploit the vulnerability to execute persistent cross-site scripting attacks, potentially leading to session hijacking and application module manipulation.

CVE-2023-37525 (v3: 5.3) 28 ian. 2026

A sensitive information disclosure in HCL BigFix Compliance allows a remote attacker to access files under the WEB-INF directory, which may contain Java class files and configuration information, leading to unauthorized access to application internals.

CVE-2023-37525 (v3: 5.3) 28 ian. 2026

A sensitive information disclosure in HCL BigFix Compliance allows a remote attacker to access files under the WEB-INF directory, which may contain Java class files and configuration information, leading to unauthorized access to application internals.

CVE-2023-37525 (v3: 5.3) 28 ian. 2026

A sensitive information disclosure in HCL BigFix Compliance allows a remote attacker to access files under the WEB-INF directory, which may contain Java class files and configuration information, leading to unauthorized access to application internals.

CVE-2023-37525 (v3: 5.3) 28 ian. 2026

A sensitive information disclosure in HCL BigFix Compliance allows a remote attacker to access files under the WEB-INF directory, which may contain Java class files and configuration information, leading to unauthorized access to application internals.

CVE-2023-37525 (v3: 5.3) 28 ian. 2026

A sensitive information disclosure in HCL BigFix Compliance allows a remote attacker to access files under the WEB-INF directory, which may contain Java class files and configuration information, leading to unauthorized access to application internals.

CVE-2023-7335 22 ian. 2026

EduSoho versions prior to 22.4.7 contain an arbitrary file read vulnerability in the classroom-course-statistics export functionality. A remote, unauthenticated attacker can supply crafted path traversal sequences in the fileNames[] parameter to read arbitrary files from the server filesystem, including application configuration files such as config/parameters.yml that may contain secrets and database credentials. Exploitation evidence was observed by the Shadowserver Foundation on 2026-01-19 (UTC).

CVE-2023-7335 22 ian. 2026

EduSoho versions prior to 22.4.7 contain an arbitrary file read vulnerability in the classroom-course-statistics export functionality. A remote, unauthenticated attacker can supply crafted path traversal sequences in the fileNames[] parameter to read arbitrary files from the server filesystem, including application configuration files such as config/parameters.yml that may contain secrets and database credentials. Exploitation evidence was observed by the Shadowserver Foundation on 2026-01-19 (UTC).

CVE-2022-50981 (v3: 9.8) 2 feb. 2026

An unauthenticated remote attacker can gain full access on the affected devices as they are shipped without a password by default and setting one is not enforced.

CVE-2022-50980 (v3: 6.5) 2 feb. 2026

A unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via CAN.

CVE-2022-50981 (v3: 9.8) 2 feb. 2026

An unauthenticated remote attacker can gain full access on the affected devices as they are shipped without a password by default and setting one is not enforced.

CVE-2022-50980 (v3: 6.5) 2 feb. 2026

A unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via CAN.

CVE-2022-50981 (v3: 9.8) 2 feb. 2026

An unauthenticated remote attacker can gain full access on the affected devices as they are shipped without a password by default and setting one is not enforced.

CVE-2022-50980 (v3: 6.5) 2 feb. 2026

A unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via CAN.

CVE-2022-50981 (v3: 9.8) 2 feb. 2026

An unauthenticated remote attacker can gain full access on the affected devices as they are shipped without a password by default and setting one is not enforced.

CVE-2022-50980 (v3: 6.5) 2 feb. 2026

A unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via CAN.

CVE-2022-50981 (v3: 9.8) 2 feb. 2026

An unauthenticated remote attacker can gain full access on the affected devices as they are shipped without a password by default and setting one is not enforced.

CVE-2022-50980 (v3: 6.5) 2 feb. 2026

A unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via CAN.

CVE-2022-50981 (v3: 9.8) 2 feb. 2026

An unauthenticated remote attacker can gain full access on the affected devices as they are shipped without a password by default and setting one is not enforced.

CVE-2022-50980 (v3: 6.5) 2 feb. 2026

A unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via CAN.

CVE-2022-50981 (v3: 9.8) 2 feb. 2026

An unauthenticated remote attacker can gain full access on the affected devices as they are shipped without a password by default and setting one is not enforced.

CVE-2022-50980 (v3: 6.5) 2 feb. 2026

A unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via CAN.

CVE-2022-50981 (v3: 9.8) 2 feb. 2026

An unauthenticated remote attacker can gain full access on the affected devices as they are shipped without a password by default and setting one is not enforced.

CVE-2022-50980 (v3: 6.5) 2 feb. 2026

A unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via CAN.

CVE-2022-50981 (v3: 9.8) 2 feb. 2026

An unauthenticated remote attacker can gain full access on the affected devices as they are shipped without a password by default and setting one is not enforced.

CVE-2022-50980 (v3: 6.5) 2 feb. 2026

A unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via CAN.

CVE-2022-50979 (v3: 6.5) 2 feb. 2026

An unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus (RS485).

CVE-2022-50978 (v3: 7.5) 2 feb. 2026

An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus (TCP).

CVE-2022-50977 (v3: 7.5) 2 feb. 2026

An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via HTTP.

CVE-2022-50976 (v3: 7.7) 2 feb. 2026

A local attacker could cause a full device reset by resetting the device passwords using an invalid reset file via USB.

CVE-2022-50979 (v3: 6.5) 2 feb. 2026

An unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus (RS485).

CVE-2022-50978 (v3: 7.5) 2 feb. 2026

An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus (TCP).

CVE-2022-50977 (v3: 7.5) 2 feb. 2026

An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via HTTP.

CVE-2022-50976 (v3: 7.7) 2 feb. 2026

A local attacker could cause a full device reset by resetting the device passwords using an invalid reset file via USB.

CVE-2022-50979 (v3: 6.5) 2 feb. 2026

An unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus (RS485).

CVE-2022-50978 (v3: 7.5) 2 feb. 2026

An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus (TCP).

CVE-2022-50977 (v3: 7.5) 2 feb. 2026

An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via HTTP.

CVE-2022-50976 (v3: 7.7) 2 feb. 2026

A local attacker could cause a full device reset by resetting the device passwords using an invalid reset file via USB.

CVE-2022-50979 (v3: 6.5) 2 feb. 2026

An unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus (RS485).

CVE-2022-50978 (v3: 7.5) 2 feb. 2026

An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus (TCP).

CVE-2022-50977 (v3: 7.5) 2 feb. 2026

An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via HTTP.

CVE-2022-50976 (v3: 7.7) 2 feb. 2026

A local attacker could cause a full device reset by resetting the device passwords using an invalid reset file via USB.

CVE-2022-50979 (v3: 6.5) 2 feb. 2026

An unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus (RS485).

CVE-2022-50978 (v3: 7.5) 2 feb. 2026

An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus (TCP).

CVE-2022-50977 (v3: 7.5) 2 feb. 2026

An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via HTTP.

CVE-2022-50976 (v3: 7.7) 2 feb. 2026

A local attacker could cause a full device reset by resetting the device passwords using an invalid reset file via USB.

CVE-2022-50979 (v3: 6.5) 2 feb. 2026

An unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus (RS485).

CVE-2022-50978 (v3: 7.5) 2 feb. 2026

An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus (TCP).

CVE-2022-50977 (v3: 7.5) 2 feb. 2026

An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via HTTP.

CVE-2022-50976 (v3: 7.7) 2 feb. 2026

A local attacker could cause a full device reset by resetting the device passwords using an invalid reset file via USB.

CVE-2022-50979 (v3: 6.5) 2 feb. 2026

An unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus (RS485).

CVE-2022-50978 (v3: 7.5) 2 feb. 2026

An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus (TCP).

CVE-2022-50977 (v3: 7.5) 2 feb. 2026

An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via HTTP.

CVE-2022-50976 (v3: 7.7) 2 feb. 2026

A local attacker could cause a full device reset by resetting the device passwords using an invalid reset file via USB.

CVE-2022-50979 (v3: 6.5) 2 feb. 2026

An unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus (RS485).

CVE-2022-50978 (v3: 7.5) 2 feb. 2026

An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus (TCP).

CVE-2022-50977 (v3: 7.5) 2 feb. 2026

An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via HTTP.

CVE-2022-50976 (v3: 7.7) 2 feb. 2026

A local attacker could cause a full device reset by resetting the device passwords using an invalid reset file via USB.

CVE-2021-26410 10 feb. 2026

Improper syscall input validation in ASP (AMD Secure Processor) may force the kernel into reading syscall parameter values from its own memory space allowing an attacker to infer the contents of the kernel memory leading to potential information disclosure.

CVE-2021-26410 10 feb. 2026

Improper syscall input validation in ASP (AMD Secure Processor) may force the kernel into reading syscall parameter values from its own memory space allowing an attacker to infer the contents of the kernel memory leading to potential information disclosure.

CVE-2021-26381 10 feb. 2026

Improper system call parameter validation in the Trusted OS may allow a malicious driver to perform mapping or unmapping operations on a large number of pages, potentially resulting in kernel memory corruption.

CVE-2021-26381 10 feb. 2026

Improper system call parameter validation in the Trusted OS may allow a malicious driver to perform mapping or unmapping operations on a large number of pages, potentially resulting in kernel memory corruption.

CVE-2021-47919 (v3: 6.4) 1 feb. 2026

Simple CMS 2.1 contains a non-persistent cross-site scripting vulnerability in the preview.php file's id parameter. Attackers can inject malicious script code through a GET request to execute arbitrary scripts and potentially hijack user sessions or perform phishing attacks.

CVE-2021-47918 (v3: 8.1) 1 feb. 2026

Simple CMS 2.1 contains a remote SQL injection vulnerability that allows privileged attackers to inject unfiltered SQL commands in the users module. Attackers can exploit unvalidated input parameters in the admin.php file to compromise the database management system and web application.

CVE-2021-47917 (v3: 6.4) 1 feb. 2026

Simple CMS 2.1 contains a persistent cross-site scripting vulnerability in user input parameters that allows remote attackers to inject malicious script code. Attackers can exploit the newUser and editUser modules to inject persistent scripts that execute on user list preview, potentially leading to session hijacking and application manipulation.

CVE-2021-47921 (v3: 6.5) 1 feb. 2026

Free Photo & Video Vault 0.0.2 contains a directory traversal web vulnerability that allows remote attackers to manipulate application path requests and access sensitive system files. Attackers can exploit the vulnerability without privileges to retrieve environment variables and access unauthorized system paths.

CVE-2021-47920 (v3: 5.4) 1 feb. 2026

WebMO Job Manager 20.0 contains a cross-site scripting vulnerability in search parameters that allows remote attackers to inject malicious script code. Attackers can exploit the filterSearch and filterSearchType parameters to perform non-persistent attacks including session hijacking and external redirects.

CVE-2021-47919 (v3: 6.4) 1 feb. 2026

Simple CMS 2.1 contains a non-persistent cross-site scripting vulnerability in the preview.php file's id parameter. Attackers can inject malicious script code through a GET request to execute arbitrary scripts and potentially hijack user sessions or perform phishing attacks.

CVE-2021-47918 (v3: 8.1) 1 feb. 2026

Simple CMS 2.1 contains a remote SQL injection vulnerability that allows privileged attackers to inject unfiltered SQL commands in the users module. Attackers can exploit unvalidated input parameters in the admin.php file to compromise the database management system and web application.

CVE-2021-47917 (v3: 6.4) 1 feb. 2026

Simple CMS 2.1 contains a persistent cross-site scripting vulnerability in user input parameters that allows remote attackers to inject malicious script code. Attackers can exploit the newUser and editUser modules to inject persistent scripts that execute on user list preview, potentially leading to session hijacking and application manipulation.

CVE-2021-47921 (v3: 6.5) 1 feb. 2026

Free Photo & Video Vault 0.0.2 contains a directory traversal web vulnerability that allows remote attackers to manipulate application path requests and access sensitive system files. Attackers can exploit the vulnerability without privileges to retrieve environment variables and access unauthorized system paths.

CVE-2021-47920 (v3: 5.4) 1 feb. 2026

WebMO Job Manager 20.0 contains a cross-site scripting vulnerability in search parameters that allows remote attackers to inject malicious script code. Attackers can exploit the filterSearch and filterSearchType parameters to perform non-persistent attacks including session hijacking and external redirects.

CVE-2021-47919 (v3: 6.4) 1 feb. 2026

Simple CMS 2.1 contains a non-persistent cross-site scripting vulnerability in the preview.php file's id parameter. Attackers can inject malicious script code through a GET request to execute arbitrary scripts and potentially hijack user sessions or perform phishing attacks.

CVE-2021-47918 (v3: 8.1) 1 feb. 2026

Simple CMS 2.1 contains a remote SQL injection vulnerability that allows privileged attackers to inject unfiltered SQL commands in the users module. Attackers can exploit unvalidated input parameters in the admin.php file to compromise the database management system and web application.

CVE-2021-47917 (v3: 6.4) 1 feb. 2026

Simple CMS 2.1 contains a persistent cross-site scripting vulnerability in user input parameters that allows remote attackers to inject malicious script code. Attackers can exploit the newUser and editUser modules to inject persistent scripts that execute on user list preview, potentially leading to session hijacking and application manipulation.

CVE-2021-47921 (v3: 6.5) 1 feb. 2026

Free Photo & Video Vault 0.0.2 contains a directory traversal web vulnerability that allows remote attackers to manipulate application path requests and access sensitive system files. Attackers can exploit the vulnerability without privileges to retrieve environment variables and access unauthorized system paths.

CVE-2021-47920 (v3: 5.4) 1 feb. 2026

WebMO Job Manager 20.0 contains a cross-site scripting vulnerability in search parameters that allows remote attackers to inject malicious script code. Attackers can exploit the filterSearch and filterSearchType parameters to perform non-persistent attacks including session hijacking and external redirects.

CVE-2021-47919 (v3: 6.4) 1 feb. 2026

Simple CMS 2.1 contains a non-persistent cross-site scripting vulnerability in the preview.php file's id parameter. Attackers can inject malicious script code through a GET request to execute arbitrary scripts and potentially hijack user sessions or perform phishing attacks.

CVE-2021-47918 (v3: 8.1) 1 feb. 2026

Simple CMS 2.1 contains a remote SQL injection vulnerability that allows privileged attackers to inject unfiltered SQL commands in the users module. Attackers can exploit unvalidated input parameters in the admin.php file to compromise the database management system and web application.

CVE-2021-47917 (v3: 6.4) 1 feb. 2026

Simple CMS 2.1 contains a persistent cross-site scripting vulnerability in user input parameters that allows remote attackers to inject malicious script code. Attackers can exploit the newUser and editUser modules to inject persistent scripts that execute on user list preview, potentially leading to session hijacking and application manipulation.

CVE-2021-47921 (v3: 6.5) 1 feb. 2026

Free Photo & Video Vault 0.0.2 contains a directory traversal web vulnerability that allows remote attackers to manipulate application path requests and access sensitive system files. Attackers can exploit the vulnerability without privileges to retrieve environment variables and access unauthorized system paths.

CVE-2021-47920 (v3: 5.4) 1 feb. 2026

WebMO Job Manager 20.0 contains a cross-site scripting vulnerability in search parameters that allows remote attackers to inject malicious script code. Attackers can exploit the filterSearch and filterSearchType parameters to perform non-persistent attacks including session hijacking and external redirects.

CVE-2021-47919 (v3: 6.4) 1 feb. 2026

Simple CMS 2.1 contains a non-persistent cross-site scripting vulnerability in the preview.php file's id parameter. Attackers can inject malicious script code through a GET request to execute arbitrary scripts and potentially hijack user sessions or perform phishing attacks.

CVE-2021-47918 (v3: 8.1) 1 feb. 2026

Simple CMS 2.1 contains a remote SQL injection vulnerability that allows privileged attackers to inject unfiltered SQL commands in the users module. Attackers can exploit unvalidated input parameters in the admin.php file to compromise the database management system and web application.

CVE-2021-47917 (v3: 6.4) 1 feb. 2026

Simple CMS 2.1 contains a persistent cross-site scripting vulnerability in user input parameters that allows remote attackers to inject malicious script code. Attackers can exploit the newUser and editUser modules to inject persistent scripts that execute on user list preview, potentially leading to session hijacking and application manipulation.

CVE-2021-47921 (v3: 6.5) 1 feb. 2026

Free Photo & Video Vault 0.0.2 contains a directory traversal web vulnerability that allows remote attackers to manipulate application path requests and access sensitive system files. Attackers can exploit the vulnerability without privileges to retrieve environment variables and access unauthorized system paths.

CVE-2021-47920 (v3: 5.4) 1 feb. 2026

WebMO Job Manager 20.0 contains a cross-site scripting vulnerability in search parameters that allows remote attackers to inject malicious script code. Attackers can exploit the filterSearch and filterSearchType parameters to perform non-persistent attacks including session hijacking and external redirects.

CVE-2021-47919 (v3: 6.4) 1 feb. 2026

Simple CMS 2.1 contains a non-persistent cross-site scripting vulnerability in the preview.php file's id parameter. Attackers can inject malicious script code through a GET request to execute arbitrary scripts and potentially hijack user sessions or perform phishing attacks.

CVE-2021-47918 (v3: 8.1) 1 feb. 2026

Simple CMS 2.1 contains a remote SQL injection vulnerability that allows privileged attackers to inject unfiltered SQL commands in the users module. Attackers can exploit unvalidated input parameters in the admin.php file to compromise the database management system and web application.

CVE-2021-47917 (v3: 6.4) 1 feb. 2026

Simple CMS 2.1 contains a persistent cross-site scripting vulnerability in user input parameters that allows remote attackers to inject malicious script code. Attackers can exploit the newUser and editUser modules to inject persistent scripts that execute on user list preview, potentially leading to session hijacking and application manipulation.

CVE-2021-47921 (v3: 6.5) 1 feb. 2026

Free Photo & Video Vault 0.0.2 contains a directory traversal web vulnerability that allows remote attackers to manipulate application path requests and access sensitive system files. Attackers can exploit the vulnerability without privileges to retrieve environment variables and access unauthorized system paths.

CVE-2021-47920 (v3: 5.4) 1 feb. 2026

WebMO Job Manager 20.0 contains a cross-site scripting vulnerability in search parameters that allows remote attackers to inject malicious script code. Attackers can exploit the filterSearch and filterSearchType parameters to perform non-persistent attacks including session hijacking and external redirects.

CVE-2021-47919 (v3: 6.4) 1 feb. 2026

Simple CMS 2.1 contains a non-persistent cross-site scripting vulnerability in the preview.php file's id parameter. Attackers can inject malicious script code through a GET request to execute arbitrary scripts and potentially hijack user sessions or perform phishing attacks.

CVE-2021-47918 (v3: 8.1) 1 feb. 2026

Simple CMS 2.1 contains a remote SQL injection vulnerability that allows privileged attackers to inject unfiltered SQL commands in the users module. Attackers can exploit unvalidated input parameters in the admin.php file to compromise the database management system and web application.

CVE-2021-47917 (v3: 6.4) 1 feb. 2026

Simple CMS 2.1 contains a persistent cross-site scripting vulnerability in user input parameters that allows remote attackers to inject malicious script code. Attackers can exploit the newUser and editUser modules to inject persistent scripts that execute on user list preview, potentially leading to session hijacking and application manipulation.

CVE-2021-47921 (v3: 6.5) 1 feb. 2026

Free Photo & Video Vault 0.0.2 contains a directory traversal web vulnerability that allows remote attackers to manipulate application path requests and access sensitive system files. Attackers can exploit the vulnerability without privileges to retrieve environment variables and access unauthorized system paths.

CVE-2021-47920 (v3: 5.4) 1 feb. 2026

WebMO Job Manager 20.0 contains a cross-site scripting vulnerability in search parameters that allows remote attackers to inject malicious script code. Attackers can exploit the filterSearch and filterSearchType parameters to perform non-persistent attacks including session hijacking and external redirects.

CVE-2021-47919 (v3: 6.4) 1 feb. 2026

Simple CMS 2.1 contains a non-persistent cross-site scripting vulnerability in the preview.php file's id parameter. Attackers can inject malicious script code through a GET request to execute arbitrary scripts and potentially hijack user sessions or perform phishing attacks.

CVE-2021-47918 (v3: 8.1) 1 feb. 2026

Simple CMS 2.1 contains a remote SQL injection vulnerability that allows privileged attackers to inject unfiltered SQL commands in the users module. Attackers can exploit unvalidated input parameters in the admin.php file to compromise the database management system and web application.

CVE-2021-47917 (v3: 6.4) 1 feb. 2026

Simple CMS 2.1 contains a persistent cross-site scripting vulnerability in user input parameters that allows remote attackers to inject malicious script code. Attackers can exploit the newUser and editUser modules to inject persistent scripts that execute on user list preview, potentially leading to session hijacking and application manipulation.

CVE-2021-47921 (v3: 6.5) 1 feb. 2026

Free Photo & Video Vault 0.0.2 contains a directory traversal web vulnerability that allows remote attackers to manipulate application path requests and access sensitive system files. Attackers can exploit the vulnerability without privileges to retrieve environment variables and access unauthorized system paths.

CVE-2021-47920 (v3: 5.4) 1 feb. 2026

WebMO Job Manager 20.0 contains a cross-site scripting vulnerability in search parameters that allows remote attackers to inject malicious script code. Attackers can exploit the filterSearch and filterSearchType parameters to perform non-persistent attacks including session hijacking and external redirects.

CVE-2021-47919 (v3: 6.4) 1 feb. 2026

Simple CMS 2.1 contains a non-persistent cross-site scripting vulnerability in the preview.php file's id parameter. Attackers can inject malicious script code through a GET request to execute arbitrary scripts and potentially hijack user sessions or perform phishing attacks.

CVE-2021-47918 (v3: 8.1) 1 feb. 2026

Simple CMS 2.1 contains a remote SQL injection vulnerability that allows privileged attackers to inject unfiltered SQL commands in the users module. Attackers can exploit unvalidated input parameters in the admin.php file to compromise the database management system and web application.

CVE-2021-47917 (v3: 6.4) 1 feb. 2026

Simple CMS 2.1 contains a persistent cross-site scripting vulnerability in user input parameters that allows remote attackers to inject malicious script code. Attackers can exploit the newUser and editUser modules to inject persistent scripts that execute on user list preview, potentially leading to session hijacking and application manipulation.

CVE-2021-47921 (v3: 6.5) 1 feb. 2026

Free Photo & Video Vault 0.0.2 contains a directory traversal web vulnerability that allows remote attackers to manipulate application path requests and access sensitive system files. Attackers can exploit the vulnerability without privileges to retrieve environment variables and access unauthorized system paths.

CVE-2021-47920 (v3: 5.4) 1 feb. 2026

WebMO Job Manager 20.0 contains a cross-site scripting vulnerability in search parameters that allows remote attackers to inject malicious script code. Attackers can exploit the filterSearch and filterSearchType parameters to perform non-persistent attacks including session hijacking and external redirects.

CVE-2021-47919 (v3: 6.4) 1 feb. 2026

Simple CMS 2.1 contains a non-persistent cross-site scripting vulnerability in the preview.php file's id parameter. Attackers can inject malicious script code through a GET request to execute arbitrary scripts and potentially hijack user sessions or perform phishing attacks.

CVE-2020-37215 (v3: 7.5) 11 feb. 2026

MSN Password Recovery version 1.30 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized input in the registration code field. Attackers can generate a 9000-byte buffer of repeated characters and paste it into the 'User Name and Registration Code' field to trigger an application crash.

CVE-2020-37214 (v3: 7.5) 11 feb. 2026

Voyager 1.3.0 contains a directory traversal vulnerability that allows attackers to access sensitive system files by manipulating the asset path parameter. Attackers can exploit the path parameter in /admin/voyager-assets to read arbitrary files like /etc/passwd and .env configuration files.

CVE-2020-37213 (v3: 7.5) 11 feb. 2026

TextCrawler Pro 3.1.1 contains a denial of service vulnerability that allows attackers to crash the application by sending an oversized buffer in the license key field. Attackers can generate a 6000-byte payload and paste it into the activation field to trigger an application crash.

CVE-2020-37212 (v3: 7.5) 11 feb. 2026

SpotMSN 2.4.6 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character payload and paste it into the 'Name' field to trigger an application crash.

CVE-2020-37211 (v3: 7.5) 11 feb. 2026

SpotIM 2.2 contains a denial of service vulnerability that allows attackers to crash the application by inputting a large buffer in the registration name field. Attackers can generate a 1000-character payload and paste it into the 'Name' field to trigger an application crash.

CVE-2020-37210 (v3: 7.5) 11 feb. 2026

SpotIE 2.9.5 contains a denial of service vulnerability in the registration key input that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Key' field to trigger an application crash.

CVE-2020-37209 (v3: 7.5) 11 feb. 2026

SpotFTP 3.0.0.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Name' field to trigger an application crash.

CVE-2020-37208 (v3: 7.5) 11 feb. 2026

SpotFTP 3.0.0.0 contains a buffer overflow vulnerability in the registration key input field that allows attackers to crash the application. Attackers can generate a 1000-character payload and paste it into the 'Key' field to trigger an application crash and denial of service.

CVE-2020-37207 (v3: 7.5) 11 feb. 2026

SpotDialup 1.6.7 contains a denial of service vulnerability in the registration key input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Key' field to trigger an application crash.

CVE-2020-37206 (v3: 7.5) 11 feb. 2026

ShareAlarmPro contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized registration key. Attackers can generate a 1000-character buffer payload to trigger an application crash when pasted into the registration key field.

CVE-2020-37205 (v3: 7.5) 11 feb. 2026

RemShutdown 2.9.0.0 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' registration field. Attackers can generate a 1000-character buffer payload and paste it into the registration name field to trigger an application crash.

CVE-2020-37204 (v3: 7.5) 11 feb. 2026

RemShutdown 2.9.0.0 contains a denial of service vulnerability in its registration key input that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the registration key field to trigger an application crash.

CVE-2020-37203 (v3: 7.5) 11 feb. 2026

Office Product Key Finder 1.5.4 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the registration code input. Attackers can create a specially crafted text file and paste it into the 'Name and Key' field to trigger an application crash.

CVE-2020-37202 (v3: 7.5) 11 feb. 2026

NetworkSleuth 3.0.0.0 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized registration key. Attackers can generate a 1000-character buffer payload and paste it into the registration key field to trigger an application crash.

CVE-2020-37201 (v3: 7.5) 11 feb. 2026

NetShareWatcher 1.5.8.0 contains a buffer overflow vulnerability in the registration name input that allows attackers to crash the application. Attackers can generate a 1000-character payload and paste it into the 'Name' field to trigger an application crash.

CVE-2020-37200 (v3: 7.5) 11 feb. 2026

NetShareWatcher 1.5.8.0 contains a buffer overflow vulnerability in the registration key input that allows attackers to crash the application by supplying oversized input. Attackers can generate a 1000-character payload and paste it into the registration key field to trigger an application crash.

CVE-2020-37199 (v3: 7.5) 11 feb. 2026

NBMonitor 1.6.6.0 contains a denial of service vulnerability in its registration key input that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Key' field to trigger an application crash.

CVE-2020-37198 (v3: 7.5) 11 feb. 2026

Duplicate Cleaner Pro 4.1.3 contains a denial of service vulnerability that allows attackers to crash the application by injecting an oversized buffer into the license key field. Attackers can generate a 6000-byte payload and paste it into the license activation field to trigger an application crash.

CVE-2020-37197 (v3: 7.5) 11 feb. 2026

Dnss Domain Name Search Software contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' input field. Attackers can generate a 1000-character buffer payload and paste it into the registration name field to trigger an application crash.

CVE-2020-37196 (v3: 7.5) 11 feb. 2026

Dnss Domain Name Search Software contains a denial of service vulnerability that allows attackers to crash the application by providing an oversized registration key. Attackers can generate a 1000-character buffer payload and paste it into the registration key field to trigger an application crash.

CVE-2020-37195 (v3: 7.5) 11 feb. 2026

BlueAuditor 1.7.2.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Name' field to trigger an application crash.

CVE-2020-37194 (v3: 7.5) 11 feb. 2026

Backup Key Recovery 2.2.5 contains a denial of service vulnerability that allows attackers to crash the application by supplying an overly long registration key. Attackers can generate a 1000-character payload file and paste it into the registration key field to trigger an application crash.

CVE-2020-37193 (v3: 7.5) 11 feb. 2026

ZIP Password Recovery 2.30 contains a denial of service vulnerability that allows attackers to crash the application by providing maliciously crafted input. Attackers can create a specially prepared text file with specific characters to trigger an application crash when selecting a ZIP file.

CVE-2020-37192 (v3: 6.2) 11 feb. 2026

MSN Password Recovery 1.30 contains an XML external entity injection vulnerability that allows attackers to read local system files through crafted XML input. Attackers can exploit the 'Favorites' tab by injecting a malicious XML file that references external entities to retrieve sensitive system configuration information.

CVE-2020-37191 (v3: 7.5) 11 feb. 2026

Top Password Software Dialup Password Recovery 1.30 contains a denial of service vulnerability that allows attackers to crash the application by overflowing input fields. Attackers can trigger the vulnerability by inserting a large 5000-character payload into the User Name and Registration Code input fields.

CVE-2020-37190 (v3: 7.5) 11 feb. 2026

Top Password Firefox Password Recovery 2.8 contains a denial of service vulnerability that allows attackers to crash the application by overflowing input fields. Attackers can trigger the vulnerability by inserting 5000 characters into the User Name or Registration Code input fields.

CVE-2020-37189 (v3: 7.5) 11 feb. 2026

TaskCanvas 1.4.0 contains a denial of service vulnerability in the registration code input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the registration field to trigger an application crash.

CVE-2020-37188 (v3: 7.5) 11 feb. 2026

SpotOutlook 1.2.6 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can overwrite the buffer by pasting 1000 'A' characters into the 'Name' field, causing the application to become unresponsive.

CVE-2020-37187 (v3: 7.5) 11 feb. 2026

SpotDialup 1.6.7 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Name' field to trigger an application crash.

CVE-2020-37186 (v3: 9.8) 11 feb. 2026

Chevereto 3.13.4 Core contains a remote code execution vulnerability that allows attackers to inject malicious code during database configuration installation. Attackers can manipulate the database table prefix parameter to write a PHP shell file and execute arbitrary system commands through a crafted POST request.

CVE-2020-37185 (v3: 7.5) 11 feb. 2026

Backup Key Recovery 2.2.5 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' input field. Attackers can generate a 1000-character payload and paste it into the registration name field to trigger an application crash.

CVE-2020-37184 (v3: 9.8) 11 feb. 2026

Allok Video Converter 4.6.1217 contains a stack overflow vulnerability in the License Name input field that allows attackers to execute arbitrary code. Attackers can craft a specially designed payload to overwrite SEH handlers and execute system commands by injecting malicious bytecode into the input field.

CVE-2020-37183 (v3: 9.8) 11 feb. 2026

Allok RM RMVB to AVI MPEG DVD Converter 3.6.1217 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Attackers can craft a malicious payload in the License Name input field to trigger a buffer overflow and execute system commands like calc.exe.

CVE-2020-37182 (v3: 7.5) 11 feb. 2026

Redir 3.3 contains a stack overflow vulnerability in the doproxyconnect() function that allows attackers to crash the application by sending oversized input. Attackers can exploit the sprintf() buffer without proper length checking to overwrite memory and cause a segmentation fault, resulting in program termination.

CVE-2020-37181 (v3: 9.8) 11 feb. 2026

Torrent FLV Converter 1.51 Build 117 contains a stack overflow vulnerability that allows attackers to overwrite Structured Exception Handler (SEH) through a malicious registration code input. Attackers can craft a payload with specific offsets and partial SEH overwrite techniques to potentially execute arbitrary code on vulnerable Windows 32-bit systems.

CVE-2020-37180 (v3: 7.5) 11 feb. 2026

GTalk Password Finder 2.2.1 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized registration key. Attackers can generate a 1000-character payload and paste it into the 'Key' field to trigger an application crash.

CVE-2020-37179 (v3: 7.5) 11 feb. 2026

APKF Product Key Finder 2.5.8.0 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' input field. Attackers can generate a 1000-character payload and paste it into the registration name field to trigger an application crash.

CVE-2020-37178 (v3: 7.5) 11 feb. 2026

KeePass Password Safe versions before 2.44 contain a denial of service vulnerability in the help system's HTML handling. Attackers can trigger the vulnerability by dragging and dropping malicious HTML files into the help area, potentially causing application instability or crash.

CVE-2020-37177 (v3: 7.5) 11 feb. 2026

BOOTP Turbo 2.0 contains a denial of service vulnerability that allows attackers to crash the application by overwriting the Structured Exception Handler (SEH). Attackers can generate a malicious payload of 2196 bytes with specific byte patterns to trigger an application crash and corrupt the SEH chain.

CVE-2020-37176 (v3: 9.8) 11 feb. 2026

Torrent 3GP Converter 1.51 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Attackers can craft a malicious payload targeting the application's registration dialog to trigger code execution and open the calculator through carefully constructed buffer overflow techniques.

CVE-2020-37175 (v3: 7.5) 11 feb. 2026

P2PWIFICAM2 for iOS 10.4.1 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the Camera ID input field. Attackers can paste a 257-character buffer into the Camera ID field to trigger an application crash on iOS devices.

CVE-2020-37173 (v3: 7.5) 11 feb. 2026

AVideo Platform 8.1 contains an information disclosure vulnerability that allows attackers to enumerate user details through the playlistsFromUser.json.php endpoint. Attackers can retrieve sensitive user information including email, password hash, and administrative status by manipulating the users_id parameter.

CVE-2020-37172 (v3: 5.3) 11 feb. 2026

AVideo Platform 8.1 contains a cross-site request forgery vulnerability that allows attackers to reset user passwords by exploiting the password recovery mechanism. Attackers can craft malicious requests to the recoverPass endpoint using the user's recovery token to change account credentials without authentication.

CVE-2020-37158 (v3: 5.3) 11 feb. 2026

AVideo Platform 8.1 contains a cross-site request forgery vulnerability that allows attackers to reset user passwords by exploiting the password recovery mechanism. Attackers can craft malicious requests to the recoverPass endpoint using the user's recovery token to change account credentials without authentication.

CVE-2020-37156 (v3: 6.5) 11 feb. 2026

BloodX 1.0 contains an authentication bypass vulnerability in login.php that allows attackers to access the dashboard without valid credentials. Attackers can exploit the vulnerability by sending a crafted payload with '=''or' parameters to bypass login authentication and gain unauthorized access.

CVE-2020-37153 (v3: 9.8) 11 feb. 2026

ASTPP 4.0.1 contains multiple vulnerabilities including cross-site scripting and command injection in SIP device configuration and plugin management interfaces. Attackers can exploit these flaws to inject system commands, hijack administrator sessions, and potentially execute arbitrary code with root permissions through cron task manipulation.

CVE-2020-37104 (v3: 7.5) 11 feb. 2026

ASTPP 4.0.1 contains an information disclosure vulnerability that allows unauthenticated attackers to download database backup files by predicting backup filename patterns. Attackers can generate a list of 6-digit PIN combinations and fuzz the backup download URL to exfiltrate sensitive database information from the /database_backup/ directory.

CVE-2020-37171 (v3: 6.2) 7 feb. 2026

TapinRadio 2.12.3 contains a denial of service vulnerability in the application proxy username configuration that allows local attackers to crash the application. Attackers can overwrite the username field with 10,000 bytes of arbitrary data to trigger an application crash and prevent normal program functionality.

CVE-2020-37170 (v3: 6.2) 7 feb. 2026

TapinRadio 2.12.3 contains a denial of service vulnerability in the application proxy address configuration that allows local attackers to crash the application. Attackers can overwrite the address field with 3000 bytes of arbitrary data to trigger an application crash and prevent normal program functionality.

CVE-2020-37166 (v3: 6.2) 7 feb. 2026

AbsoluteTelnet 11.12 contains a denial of service vulnerability in the SSH2 username input field that allows local attackers to crash the application. Attackers can overwrite the username field with a 1000-byte buffer, causing the application to become unresponsive and terminate.

CVE-2019-25313 (v3: 4) 11 feb. 2026

FlexNet Publisher 11.12.1 contains a cross-site request forgery vulnerability that allows attackers to create administrative user accounts without authentication. Attackers can craft a malicious HTML form to trick authenticated users into submitting a request that creates a new local admin account with a predefined password.

CVE-2019-25317 (v3: 6.4) 11 feb. 2026

Kimai 2 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts into timesheet descriptions. Attackers can insert SVG-based XSS payloads in the description field to execute arbitrary JavaScript when the page is loaded and viewed by other users.

CVE-2019-25316 (v3: 6.4) 11 feb. 2026

GOautodial 4.0 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the event title parameter. Attackers can exploit the CreateEvent.php endpoint by sending crafted POST requests with XSS payloads to execute arbitrary JavaScript in victim browsers.

CVE-2019-25315 (v3: 6.4) 11 feb. 2026

WordPress Server Log Viewer 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through unfiltered log file paths. Attackers can add log files with embedded XSS payloads that will execute when viewed in the WordPress admin interface.

CVE-2019-25314 (v3: 6.4) 11 feb. 2026

Duplicate-Post WordPress Plugin 3.2.3 contains a persistent cross-site scripting vulnerability in plugin settings parameters. Attackers can inject malicious scripts into title prefix, suffix, menu order, and blacklist fields to execute arbitrary JavaScript in admin interfaces.

CVE-2019-25312 (v3: 6.4) 11 feb. 2026

InoERP 0.7.2 contains a persistent cross-site scripting vulnerability in the comment section that allows unauthenticated attackers to inject malicious scripts. Attackers can submit comments with JavaScript payloads that execute in other users' browsers, potentially stealing cookies and session information.

CVE-2019-25311 (v3: 6.4) 11 feb. 2026

thesystem version 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through multiple server data input fields. Attackers can submit crafted script payloads in operating_system, system_owner, system_username, system_password, system_description, and server_name parameters to execute arbitrary JavaScript in victim browsers.

CVE-2019-25310 (v3: 7.8) 11 feb. 2026

ActiveFax Server 6.92 Build 0316 contains an unquoted service path vulnerability in the ActiveFaxServiceNT service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be launched with elevated administrative privileges.

CVE-2019-25309 (v3: 7.8) 11 feb. 2026

Zilab Remote Console Server 3.2.9 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables that will be run with LocalSystem permissions.

CVE-2019-25308 (v3: 7.8) 11 feb. 2026

Mikogo 5.2.2.150317 contains an unquoted service path vulnerability in the Mikogo-Service Windows service configuration. Attackers can exploit the unquoted path to inject and execute malicious code with LocalSystem privileges by placing executable files in specific path locations.

CVE-2019-25307 (v3: 7.8) 11 feb. 2026

WorkgroupMail 7.5.1 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be run with LocalSystem privileges during service startup.

CVE-2019-25306 (v3: 7.8) 11 feb. 2026

BlackMoon FTP Server 3.1.2.1731 contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to insert malicious code that would execute with LocalSystem account permissions during service startup.

CVE-2019-25305 (v3: 7.8) 6 feb. 2026

JumpStart 0.6.0.0 contains an unquoted service path vulnerability in the jswpbapi service running with LocalSystem privileges. Attackers can exploit the unquoted path containing spaces to inject and execute malicious code with elevated system permissions.

CVE-2019-25305 (v3: 7.8) 6 feb. 2026

JumpStart 0.6.0.0 contains an unquoted service path vulnerability in the jswpbapi service running with LocalSystem privileges. Attackers can exploit the unquoted path containing spaces to inject and execute malicious code with elevated system permissions.

CVE-2019-25305 (v3: 7.8) 6 feb. 2026

JumpStart 0.6.0.0 contains an unquoted service path vulnerability in the jswpbapi service running with LocalSystem privileges. Attackers can exploit the unquoted path containing spaces to inject and execute malicious code with elevated system permissions.

CVE-2019-25305 (v3: 7.8) 6 feb. 2026

JumpStart 0.6.0.0 contains an unquoted service path vulnerability in the jswpbapi service running with LocalSystem privileges. Attackers can exploit the unquoted path containing spaces to inject and execute malicious code with elevated system permissions.

CVE-2019-25305 (v3: 7.8) 6 feb. 2026

JumpStart 0.6.0.0 contains an unquoted service path vulnerability in the jswpbapi service running with LocalSystem privileges. Attackers can exploit the unquoted path containing spaces to inject and execute malicious code with elevated system permissions.

CVE-2019-25305 (v3: 7.8) 6 feb. 2026

JumpStart 0.6.0.0 contains an unquoted service path vulnerability in the jswpbapi service running with LocalSystem privileges. Attackers can exploit the unquoted path containing spaces to inject and execute malicious code with elevated system permissions.

CVE-2019-25304 (v3: 7.8) 6 feb. 2026

SecurOS Enterprise 10.2 contains an unquoted service path vulnerability in the SecurosCtrlService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\ISS\SecurOS\ to insert malicious code that would execute with system-level permissions during service startup.

CVE-2019-25303 (v3: 7.1) 6 feb. 2026

TheJshen ContentManagementSystem 1.04 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'id' GET parameter. Attackers can exploit boolean-based, time-based, and UNION-based SQL injection techniques to extract or manipulate database information by crafting malicious query payloads.

CVE-2019-25302 (v3: 7.8) 6 feb. 2026

Acer Launch Manager 6.1.7600.16385 contains an unquoted service path vulnerability in the DsiWMIService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\Launch Manager\dsiwmis.exe to insert malicious code that would execute with system-level permissions during service startup.

CVE-2019-25301 (v3: 6.4) 6 feb. 2026

Millhouse-Project 1.414 contains a persistent cross-site scripting vulnerability in the comment submission functionality that allows attackers to inject malicious scripts. Attackers can post comments with embedded JavaScript through the 'content' parameter in add_comment_sql.php to execute arbitrary scripts in victim browsers.

CVE-2019-25300 (v3: 7.1) 6 feb. 2026

thejshen Globitek CMS 1.4 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'id' GET parameter. Attackers can exploit boolean-based, time-based, and UNION-based SQL injection techniques to potentially extract or modify database information.

CVE-2019-25299 (v3: 7.1) 6 feb. 2026

RimbaLinux AhadPOS 1.11 contains a SQL injection vulnerability in the 'alamatCustomer' parameter that allows attackers to manipulate database queries through crafted POST requests. Attackers can exploit time-based and boolean-based blind SQL injection techniques to extract information or potentially interact with the underlying database.

CVE-2019-25304 (v3: 7.8) 6 feb. 2026

SecurOS Enterprise 10.2 contains an unquoted service path vulnerability in the SecurosCtrlService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\ISS\SecurOS\ to insert malicious code that would execute with system-level permissions during service startup.

CVE-2019-25303 (v3: 7.1) 6 feb. 2026

TheJshen ContentManagementSystem 1.04 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'id' GET parameter. Attackers can exploit boolean-based, time-based, and UNION-based SQL injection techniques to extract or manipulate database information by crafting malicious query payloads.

CVE-2019-25302 (v3: 7.8) 6 feb. 2026

Acer Launch Manager 6.1.7600.16385 contains an unquoted service path vulnerability in the DsiWMIService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\Launch Manager\dsiwmis.exe to insert malicious code that would execute with system-level permissions during service startup.

CVE-2019-25301 (v3: 6.4) 6 feb. 2026

Millhouse-Project 1.414 contains a persistent cross-site scripting vulnerability in the comment submission functionality that allows attackers to inject malicious scripts. Attackers can post comments with embedded JavaScript through the 'content' parameter in add_comment_sql.php to execute arbitrary scripts in victim browsers.

CVE-2019-25300 (v3: 7.1) 6 feb. 2026

thejshen Globitek CMS 1.4 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'id' GET parameter. Attackers can exploit boolean-based, time-based, and UNION-based SQL injection techniques to potentially extract or modify database information.

CVE-2019-25299 (v3: 7.1) 6 feb. 2026

RimbaLinux AhadPOS 1.11 contains a SQL injection vulnerability in the 'alamatCustomer' parameter that allows attackers to manipulate database queries through crafted POST requests. Attackers can exploit time-based and boolean-based blind SQL injection techniques to extract information or potentially interact with the underlying database.

CVE-2019-25304 (v3: 7.8) 6 feb. 2026

SecurOS Enterprise 10.2 contains an unquoted service path vulnerability in the SecurosCtrlService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\ISS\SecurOS\ to insert malicious code that would execute with system-level permissions during service startup.

CVE-2019-25303 (v3: 7.1) 6 feb. 2026

TheJshen ContentManagementSystem 1.04 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'id' GET parameter. Attackers can exploit boolean-based, time-based, and UNION-based SQL injection techniques to extract or manipulate database information by crafting malicious query payloads.

CVE-2019-25302 (v3: 7.8) 6 feb. 2026

Acer Launch Manager 6.1.7600.16385 contains an unquoted service path vulnerability in the DsiWMIService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\Launch Manager\dsiwmis.exe to insert malicious code that would execute with system-level permissions during service startup.

CVE-2019-25301 (v3: 6.4) 6 feb. 2026

Millhouse-Project 1.414 contains a persistent cross-site scripting vulnerability in the comment submission functionality that allows attackers to inject malicious scripts. Attackers can post comments with embedded JavaScript through the 'content' parameter in add_comment_sql.php to execute arbitrary scripts in victim browsers.

CVE-2019-25300 (v3: 7.1) 6 feb. 2026

thejshen Globitek CMS 1.4 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'id' GET parameter. Attackers can exploit boolean-based, time-based, and UNION-based SQL injection techniques to potentially extract or modify database information.

CVE-2019-25299 (v3: 7.1) 6 feb. 2026

RimbaLinux AhadPOS 1.11 contains a SQL injection vulnerability in the 'alamatCustomer' parameter that allows attackers to manipulate database queries through crafted POST requests. Attackers can exploit time-based and boolean-based blind SQL injection techniques to extract information or potentially interact with the underlying database.

CVE-2019-25304 (v3: 7.8) 6 feb. 2026

SecurOS Enterprise 10.2 contains an unquoted service path vulnerability in the SecurosCtrlService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\ISS\SecurOS\ to insert malicious code that would execute with system-level permissions during service startup.

CVE-2019-25303 (v3: 7.1) 6 feb. 2026

TheJshen ContentManagementSystem 1.04 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'id' GET parameter. Attackers can exploit boolean-based, time-based, and UNION-based SQL injection techniques to extract or manipulate database information by crafting malicious query payloads.

CVE-2019-25302 (v3: 7.8) 6 feb. 2026

Acer Launch Manager 6.1.7600.16385 contains an unquoted service path vulnerability in the DsiWMIService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\Launch Manager\dsiwmis.exe to insert malicious code that would execute with system-level permissions during service startup.

CVE-2019-25301 (v3: 6.4) 6 feb. 2026

Millhouse-Project 1.414 contains a persistent cross-site scripting vulnerability in the comment submission functionality that allows attackers to inject malicious scripts. Attackers can post comments with embedded JavaScript through the 'content' parameter in add_comment_sql.php to execute arbitrary scripts in victim browsers.

CVE-2019-25300 (v3: 7.1) 6 feb. 2026

thejshen Globitek CMS 1.4 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'id' GET parameter. Attackers can exploit boolean-based, time-based, and UNION-based SQL injection techniques to potentially extract or modify database information.

CVE-2019-25299 (v3: 7.1) 6 feb. 2026

RimbaLinux AhadPOS 1.11 contains a SQL injection vulnerability in the 'alamatCustomer' parameter that allows attackers to manipulate database queries through crafted POST requests. Attackers can exploit time-based and boolean-based blind SQL injection techniques to extract information or potentially interact with the underlying database.

CVE-2019-25304 (v3: 7.8) 6 feb. 2026

SecurOS Enterprise 10.2 contains an unquoted service path vulnerability in the SecurosCtrlService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\ISS\SecurOS\ to insert malicious code that would execute with system-level permissions during service startup.

CVE-2019-25303 (v3: 7.1) 6 feb. 2026

TheJshen ContentManagementSystem 1.04 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'id' GET parameter. Attackers can exploit boolean-based, time-based, and UNION-based SQL injection techniques to extract or manipulate database information by crafting malicious query payloads.

CVE-2019-25302 (v3: 7.8) 6 feb. 2026

Acer Launch Manager 6.1.7600.16385 contains an unquoted service path vulnerability in the DsiWMIService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\Launch Manager\dsiwmis.exe to insert malicious code that would execute with system-level permissions during service startup.

CVE-2019-25301 (v3: 6.4) 6 feb. 2026

Millhouse-Project 1.414 contains a persistent cross-site scripting vulnerability in the comment submission functionality that allows attackers to inject malicious scripts. Attackers can post comments with embedded JavaScript through the 'content' parameter in add_comment_sql.php to execute arbitrary scripts in victim browsers.

CVE-2019-25300 (v3: 7.1) 6 feb. 2026

thejshen Globitek CMS 1.4 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'id' GET parameter. Attackers can exploit boolean-based, time-based, and UNION-based SQL injection techniques to potentially extract or modify database information.

CVE-2019-25299 (v3: 7.1) 6 feb. 2026

RimbaLinux AhadPOS 1.11 contains a SQL injection vulnerability in the 'alamatCustomer' parameter that allows attackers to manipulate database queries through crafted POST requests. Attackers can exploit time-based and boolean-based blind SQL injection techniques to extract information or potentially interact with the underlying database.

CVE-2019-25304 (v3: 7.8) 6 feb. 2026

SecurOS Enterprise 10.2 contains an unquoted service path vulnerability in the SecurosCtrlService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\ISS\SecurOS\ to insert malicious code that would execute with system-level permissions during service startup.

CVE-2019-25303 (v3: 7.1) 6 feb. 2026

TheJshen ContentManagementSystem 1.04 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'id' GET parameter. Attackers can exploit boolean-based, time-based, and UNION-based SQL injection techniques to extract or manipulate database information by crafting malicious query payloads.

CVE-2018-25157 (v3: 6.4) 11 feb. 2026

Phraseanet 4.0.3 contains a stored cross-site scripting vulnerability that allows authenticated users to inject malicious scripts through crafted file names during document uploads. Attackers can upload files with embedded SVG scripts that execute in the browser, potentially stealing cookies or redirecting users when the file is viewed.

CVE-2018-25132 (v3: 6.1) 23 ian. 2026

MyBB Trending Widget Plugin 1.2 contains a cross-site scripting vulnerability that allows attackers to inject malicious scripts through thread titles. Attackers can modify thread titles with script payloads that will execute when other users view the trending widget.

CVE-2018-25132 (v3: 6.1) 23 ian. 2026

MyBB Trending Widget Plugin 1.2 contains a cross-site scripting vulnerability that allows attackers to inject malicious scripts through thread titles. Attackers can modify thread titles with script payloads that will execute when other users view the trending widget.

CVE-2018-25116 (v3: 6.1) 23 ian. 2026

MyBB Thread Redirect Plugin 0.2.1 contains a cross-site scripting vulnerability in the custom text input field for thread redirects. Attackers can inject malicious SVG scripts that will execute when other users view the thread, allowing arbitrary script execution.

CVE-2018-25116 (v3: 6.1) 23 ian. 2026

MyBB Thread Redirect Plugin 0.2.1 contains a cross-site scripting vulnerability in the custom text input field for thread redirects. Attackers can inject malicious SVG scripts that will execute when other users view the thread, allowing arbitrary script execution.

CVE-2018-25156 (v3: 4.3) 24 dec. 2025

Teradek Cube 7.3.6 contains a cross-site request forgery vulnerability that allows attackers to change administrative passwords without proper request validation. Attackers can craft a malicious web page with a hidden form to submit password change requests to the device's system configuration interface.

CVE-2018-25155 (v3: 4.3) 24 dec. 2025

Teradek Slice 7.3.15 contains a cross-site request forgery vulnerability that allows attackers to change administrative passwords without proper request validation. Attackers can craft a malicious web page that automatically submits password change requests to the device when a logged-in user visits the page.

CVE-2018-25156 (v3: 4.3) 24 dec. 2025

Teradek Cube 7.3.6 contains a cross-site request forgery vulnerability that allows attackers to change administrative passwords without proper request validation. Attackers can craft a malicious web page with a hidden form to submit password change requests to the device's system configuration interface.

CVE-2018-25155 (v3: 4.3) 24 dec. 2025

Teradek Slice 7.3.15 contains a cross-site request forgery vulnerability that allows attackers to change administrative passwords without proper request validation. Attackers can craft a malicious web page that automatically submits password change requests to the device when a logged-in user visits the page.

CVE-2018-25146 (v3: 8.1) 24 dec. 2025

Microhard Systems IPn4G 1.1.0 contains an undocumented vulnerability that allows authenticated attackers to list and manipulate running system processes. Attackers can send arbitrary signals to kill background processes and system services through a hidden feature, potentially causing service disruption and requiring device restart.

CVE-2018-25146 (v3: 8.1) 24 dec. 2025

Microhard Systems IPn4G 1.1.0 contains an undocumented vulnerability that allows authenticated attackers to list and manipulate running system processes. Attackers can send arbitrary signals to kill background processes and system services through a hidden feature, potentially causing service disruption and requiring device restart.

CVE-2018-25146 (v3: 8.1) 24 dec. 2025

Microhard Systems IPn4G 1.1.0 contains an undocumented vulnerability that allows authenticated attackers to list and manipulate running system processes. Attackers can send arbitrary signals to kill background processes and system services through a hidden feature, potentially causing service disruption and requiring device restart.

CVE-2018-25146 (v3: 8.1) 24 dec. 2025

Microhard Systems IPn4G 1.1.0 contains an undocumented vulnerability that allows authenticated attackers to list and manipulate running system processes. Attackers can send arbitrary signals to kill background processes and system services through a hidden feature, potentially causing service disruption and requiring device restart.

CVE-2018-25146 (v3: 8.1) 24 dec. 2025

Microhard Systems IPn4G 1.1.0 contains an undocumented vulnerability that allows authenticated attackers to list and manipulate running system processes. Attackers can send arbitrary signals to kill background processes and system services through a hidden feature, potentially causing service disruption and requiring device restart.

CVE-2018-25146 (v3: 8.1) 24 dec. 2025

Microhard Systems IPn4G 1.1.0 contains an undocumented vulnerability that allows authenticated attackers to list and manipulate running system processes. Attackers can send arbitrary signals to kill background processes and system services through a hidden feature, potentially causing service disruption and requiring device restart.

CVE-2018-25146 (v3: 8.1) 24 dec. 2025

Microhard Systems IPn4G 1.1.0 contains an undocumented vulnerability that allows authenticated attackers to list and manipulate running system processes. Attackers can send arbitrary signals to kill background processes and system services through a hidden feature, potentially causing service disruption and requiring device restart.

CVE-2018-25149 (v3: 6.5) 24 dec. 2025

Microhard Systems IPn4G 1.1.0 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft malicious web pages to change admin passwords, add new users, and modify system settings by tricking authenticated users into loading a specially crafted page.

CVE-2018-25147 (v3: 7.5) 24 dec. 2025

Microhard Systems IPn4G 1.1.0 contains hardcoded default credentials that cannot be changed through normal gateway operations. Attackers can exploit these default credentials to gain unauthorized root-level access to the device by logging in with predefined username and password combinations.

CVE-2018-25146 (v3: 8.1) 24 dec. 2025

Microhard Systems IPn4G 1.1.0 contains an undocumented vulnerability that allows authenticated attackers to list and manipulate running system processes. Attackers can send arbitrary signals to kill background processes and system services through a hidden feature, potentially causing service disruption and requiring device restart.

CVE-2018-25149 (v3: 6.5) 24 dec. 2025

Microhard Systems IPn4G 1.1.0 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft malicious web pages to change admin passwords, add new users, and modify system settings by tricking authenticated users into loading a specially crafted page.

CVE-2018-25147 (v3: 7.5) 24 dec. 2025

Microhard Systems IPn4G 1.1.0 contains hardcoded default credentials that cannot be changed through normal gateway operations. Attackers can exploit these default credentials to gain unauthorized root-level access to the device by logging in with predefined username and password combinations.

CVE-2018-25146 (v3: 6.5) 24 dec. 2025

Microhard Systems IPn4G 1.1.0 contains an undocumented vulnerability that allows authenticated attackers to list and manipulate running system processes. Attackers can send arbitrary signals to kill background processes and system services through a hidden feature, potentially causing service disruption and requiring device restart.

CVE-2018-25144 (v3: 8.4) 24 dec. 2025

Microhard Systems IPn4G 1.1.0 contains an authentication bypass vulnerability in the hidden system-editor.sh script that allows authenticated attackers to read, modify, or delete arbitrary files. Attackers can exploit unsanitized 'path', 'savefile', 'edit', and 'delfile' parameters to perform unauthorized file system modifications through GET and POST requests.

CVE-2018-25144 (v3: 8.4) 24 dec. 2025

Microhard Systems IPn4G 1.1.0 contains an authentication bypass vulnerability in the hidden system-editor.sh script that allows authenticated attackers to read, modify, or delete arbitrary files. Attackers can exploit unsanitized 'path', 'savefile', 'edit', and 'delfile' parameters to perform unauthorized file system modifications through GET and POST requests.

CVE-2018-25144 (v3: 8.4) 24 dec. 2025

Microhard Systems IPn4G 1.1.0 contains an authentication bypass vulnerability in the hidden system-editor.sh script that allows authenticated attackers to read, modify, or delete arbitrary files. Attackers can exploit unsanitized 'path', 'savefile', 'edit', and 'delfile' parameters to perform unauthorized file system modifications through GET and POST requests.

CVE-2018-25144 (v3: 8.4) 24 dec. 2025

Microhard Systems IPn4G 1.1.0 contains an authentication bypass vulnerability in the hidden system-editor.sh script that allows authenticated attackers to read, modify, or delete arbitrary files. Attackers can exploit unsanitized 'path', 'savefile', 'edit', and 'delfile' parameters to perform unauthorized file system modifications through GET and POST requests.

CVE-2018-25144 (v3: 8.4) 24 dec. 2025

Microhard Systems IPn4G 1.1.0 contains an authentication bypass vulnerability in the hidden system-editor.sh script that allows authenticated attackers to read, modify, or delete arbitrary files. Attackers can exploit unsanitized 'path', 'savefile', 'edit', and 'delfile' parameters to perform unauthorized file system modifications through GET and POST requests.

CVE-2018-25144 (v3: 8.4) 24 dec. 2025

Microhard Systems IPn4G 1.1.0 contains an authentication bypass vulnerability in the hidden system-editor.sh script that allows authenticated attackers to read, modify, or delete arbitrary files. Attackers can exploit unsanitized 'path', 'savefile', 'edit', and 'delfile' parameters to perform unauthorized file system modifications through GET and POST requests.

CVE-2018-25144 (v3: 8.4) 24 dec. 2025

Microhard Systems IPn4G 1.1.0 contains an authentication bypass vulnerability in the hidden system-editor.sh script that allows authenticated attackers to read, modify, or delete arbitrary files. Attackers can exploit unsanitized 'path', 'savefile', 'edit', and 'delfile' parameters to perform unauthorized file system modifications through GET and POST requests.

CVE-2018-25145 (v3: 6.5) 24 dec. 2025

Microhard Systems IPn4G 1.1.0 contains a configuration file disclosure vulnerability that allows authenticated attackers to download sensitive system configuration files. Attackers can retrieve configuration files from multiple directories including '/www', '/etc/m_cli/', and '/tmp' to access system passwords and network settings.

CVE-2018-25144 (v3: 8.4) 24 dec. 2025

Microhard Systems IPn4G 1.1.0 contains an authentication bypass vulnerability in the hidden system-editor.sh script that allows authenticated attackers to read, modify, or delete arbitrary files. Attackers can exploit unsanitized 'path', 'savefile', 'edit', and 'delfile' parameters to perform unauthorized file system modifications through GET and POST requests.

CVE-2018-25143 (v3: 8.8) 24 dec. 2025

Microhard Systems IPn4G 1.1.0 contains a service vulnerability that allows authenticated users to enable a restricted SSH shell with a default 'msshc' user. Attackers can exploit a custom 'ping' command in the NcFTP environment to escape the restricted shell and execute commands with root privileges.

CVE-2018-25145 (v3: 6.5) 24 dec. 2025

Microhard Systems IPn4G 1.1.0 contains a configuration file disclosure vulnerability that allows authenticated attackers to download sensitive system configuration files. Attackers can retrieve configuration files from multiple directories including '/www', '/etc/m_cli/', and '/tmp' to access system passwords and network settings.

CVE-2018-25144 (v3: 5.5) 24 dec. 2025

Microhard Systems IPn4G 1.1.0 contains an authentication bypass vulnerability in the hidden system-editor.sh script that allows authenticated attackers to read, modify, or delete arbitrary files. Attackers can exploit unsanitized 'path', 'savefile', 'edit', and 'delfile' parameters to perform unauthorized file system modifications through GET and POST requests.

CVE-2018-25143 (v3: 8.8) 24 dec. 2025

Microhard Systems IPn4G 1.1.0 contains a service vulnerability that allows authenticated users to enable a restricted SSH shell with a default 'msshc' user. Attackers can exploit a custom 'ping' command in the NcFTP environment to escape the restricted shell and execute commands with root privileges.

CVE-2018-9373 28 ian. 2025

In TdlsexRxFrameHandle of the MTK WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2018-9378 28 ian. 2025

In BnAudioPolicyService::onTransact of IAudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2018-9387 18 ian. 2025

In multiple functions of mnh-sm.c, there is a possible way to trigger a heap overflow due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2018-9389 18 ian. 2025

In ip6_append_data of ip6_output.c, there is a possible way to achieve code execution due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2018-9401 18 ian. 2025

In many locations, there is a possible way to access kernel memory in user space due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2018-9405 18 ian. 2025

In BnDmAgent::onTransact of dm_agent.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

CVE-2018-9406 18 ian. 2025

In NlpService, there is a possible way to obtain location information due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2018-9461 18 ian. 2025

In onAttachFragment of ShareIntentActivity.java, there is a possible way for an app to read files in the messages app due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2018-9464 18 ian. 2025

In multiple locations, there is a possible way to read protected files due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2018-9375 17 ian. 2025

In multiple functions of UserDictionaryProvider.java, there is a possible way to add and delete words in the user dictionary due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2018-9379 17 ian. 2025

In multiple functions of MiniThumbFile.java, there is a possible way to view the thumbnails of deleted photos due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2018-9382 17 ian. 2025

In multiple functions of WifiServiceImpl.java, there is a possible way to activate Wi-Fi hotspot from a non-owner profile due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2018-9383 17 ian. 2025

In asn1_ber_decoder of asn1_decoder.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

CVE-2018-9384 17 ian. 2025

In multiple locations, there is a possible way to bypass KASLR due to an unusual root cause. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

CVE-2018-9434 17 ian. 2025

In multiple functions of Parcel.cpp, there is a possible way to bypass address space layout randomization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2017-13317 28 ian. 2025

In HeifDecoderImpl::getScanline of HeifDecoderImpl.cpp, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.

CVE-2017-13318 28 ian. 2025

In HeifDataSource::readAt of HeifDecoderImpl.cpp, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.

CVE-2017-20196 (v3: 6.3) 26 ian. 2025

A vulnerability was found in Itechscripts School Management Software 2.75. It has been classified as critical. This affects an unknown part of the file /notice-edit.php. The manipulation of the argument aid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2017-13322 17 ian. 2025

In endCallForSubscriber of PhoneInterfaceManager.java, there is a possible way to prevent access to emergency services due to a logic error in the code. This could lead to a local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2017-13308 5 dec. 2024

In tscpu_write_GPIO_out and mtkts_Abts_write of mtk_ts_Abts.c, there is a possible buffer overflow in an sscanf due to improper input validation. This could lead to a local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

CVE-2017-13320 27 nov. 2024

In impeg2d_bit_stream_flush() of libmpeg2dec there is a possible OOB read due to a missing bounds check. This could lead to Remote DoS with no additional execution privileges needed. User interaction is needed for exploitation.

CVE-2017-13321 27 nov. 2024

In SensorService::isDataInjectionEnabled of frameworks/native/services/sensorservice/SensorService.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2017-13323 27 nov. 2024

In String16 of String16.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2017-13316 27 nov. 2024

In checkPermissions of RecognitionService.java, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2017-13319 27 nov. 2024

In pvmp3_get_main_data_size of pvmp3_get_main_data_size.cpp, there is a possible buffer overread due to a missing bounds check. This could lead to remote information disclosure of global static variables with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2017-18306 26 nov. 2024

Information disclosure due to uninitialized variable.

CVE-2017-18307 26 nov. 2024

Information disclosure possible while audio playback.

CVE-2017-11076 (v3: 9.8) 26 nov. 2024

On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware which can lead to an invalid memory access by the decoder.

CVE-2017-15832 (v3: 8.4) 26 nov. 2024

Buffer overwrite in the WLAN host driver by leveraging a compromised WLAN FW

CVE-2017-17772 (v3: 9.8) 26 nov. 2024

In multiple functions that process 802.11 frames, out-of-bounds reads can occur due to insufficient validation.

CVE-2017-18153 (v3: 8.4) 26 nov. 2024

A race condition exists in a driver potentially leading to a use-after-free condition.

CVE-2017-9711 22 nov. 2024

Certain unprivileged processes are able to perform IOCTL calls.

CVE-2017-13315 19 nov. 2024

In writeToParcel and createFromParcel of DcParamObject.java, there is a permission bypass due to a write size mismatch. This could lead to an elevation of privileges where the user can start an activity with system privileges, with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2017-13310 15 nov. 2024

In createFromParcel of ViewPager.java, there is a possible read/write serialization issue leading to a permissions bypass. This could lead to local escalation of privilege where an app can start an activity with system privileges with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2017-13311 15 nov. 2024

In the read() function of ProcessStats.java, there is a possible read/write serialization issue leading to a permissions bypass. This could lead to local escalation of privilege where an app can start an activity with system privileges with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2017-13312 15 nov. 2024

In createFromParcel of MediaCas.java, there is a possible parcel read/write mismatch due to improper input validation. This could lead to local escalation of privilege where an app can start an activity with system privileges with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2017-13313 15 nov. 2024

In ElementaryStreamQueue::dequeueAccessUnitMPEG4Video of ESQueue.cpp, there is a possible infinite loop leading to resource exhaustion due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.

CVE-2017-13314 15 nov. 2024

In setAllowOnlyVpnForUids of NetworkManagementService.java, there is a possible security settings bypass due to a missing permission check. This could lead to local escalation of privilege allowing users to access non-VPN networks, when they are supposed to be restricted to the VPN networks, with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2017-13309 15 nov. 2024

In readEncryptedData of ConscryptEngine.java, there is a possible plaintext leak due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2017-13227 14 nov. 2024

In the autofill service, the package name that is provided by the app process is trusted inappropriately.  This could lead to information disclosure with no additional execution privileges needed.  User interaction is not needed for exploitation.

CVE-2017-20195 29 oct. 2024

A vulnerability was found in LUNAD3v AreaLoad up to 1a1103182ed63a06dde63d1712f3262eda19c3ec. It has been rated as critical. This issue affects some unknown processing of the file request.php. The manipulation of the argument phone leads to sql injection. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The patch is named 264813c546dba03989ac0fc365f2022bf65e3be2. It is recommended to apply a patch to fix this issue.

CVE-2017-20193 (v3: 4.7) 16 oct. 2024

The Product Vendors is vulnerable to Reflected Cross-Site Scripting via the 'vendor_description' parameter in versions up to, and including, 2.0.35 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

CVE-2017-20194 (v3: 5.3) 16 oct. 2024

The Formidable Form Builder plugin for WordPress is vulnerable to Sensitive Data Exposure in versions up to, and including, 2.05.03 via the frm_forms_preview AJAX action. This makes it possible for unauthenticated attackers to export all of the form entries for a given form.

CVE-2017-20192 (v3: 8.3) 16 oct. 2024

The Formidable Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters submitted during form entries like 'after_html' in versions before 2.05.03 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that execute in a victim's browser.

CVE-2017-3772 (v3: 5.5) 31 iul. 2024

A vulnerability was reported in Lenovo PC Manager versions prior to 2.6.40.3154 that could allow an attacker to cause a system reboot.

CVE-2017-3755 29 iul. 2024

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

CVE-2017-3766 29 iul. 2024

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

CVE-2017-3769 29 iul. 2024

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

CVE-2017-20191 31 mar. 2024

A vulnerability was found in Zimbra zm-admin-ajax up to 8.8.1. It has been classified as problematic. This affects the function XFormItem.prototype.setError of the file WebRoot/js/ajax/dwt/xforms/XFormItem.js of the component Form Textbox Field Error Handler. The manipulation of the argument message leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 8.8.2 is able to address this issue. The identifier of the patch is bb240ce0c71c01caabaa43eed30c78ba8d7d3591. It is recommended to upgrade the affected component. The identifier VDB-258621 was assigned to this vulnerability.

CVE-2017-20190 27 mar. 2024

Some Microsoft technologies as used in Windows 8 through 11 allow a temporary client-side performance degradation during processing of multiple Unicode combining characters, aka a "Zalgo text" attack. NOTE: third parties dispute whether the computational cost of interpreting Unicode data should be considered a vulnerability.

CVE-2017-20189 22 ian. 2024

In Clojure before 1.9.0, classes can be used to construct a serialized object that executes arbitrary code upon deserialization. This is relevant if a server deserializes untrusted objects.

CVE-2017-20188 2 ian. 2024

A vulnerability has been found in Zimbra zm-ajax up to 8.8.1 and classified as problematic. Affected by this vulnerability is the function XFormItem.prototype.setError of the file WebRoot/js/ajax/dwt/xforms/XFormItem.js. The manipulation of the argument message leads to cross site scripting. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. Upgrading to version 8.8.2 is able to address this issue. The identifier of the patch is 8d039d6efe80780adc40c6f670c06d21de272105. It is recommended to upgrade the affected component. The identifier VDB-249421 was assigned to this vulnerability.

CVE-2017-20187 5 nov. 2023

** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Magnesium-PHP up to 0.3.0. It has been classified as problematic. Affected is the function formatEmailString of the file src/Magnesium/Message/Base.php. The manipulation of the argument email/name leads to injection. Upgrading to version 0.3.1 is able to address this issue. The patch is identified as 500d340e1f6421007413cc08a8383475221c2604. It is recommended to upgrade the affected component. VDB-244482 is the identifier assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CVE-2017-7252 3 nov. 2023

bcrypt password hashing in Botan before 2.1.0 does not correctly handle passwords with a length between 57 and 72 characters, which makes it easier for attackers to determine the cleartext password.

CVE-2017-13893 14 sept. 2023

** REJECT ** This candidate is unused by its CNA.

CVE-2017-13894 14 sept. 2023

** REJECT ** This candidate is unused by its CNA.

CVE-2017-13895 14 sept. 2023

** REJECT ** This candidate is unused by its CNA.

CVE-2017-13896 14 sept. 2023

** REJECT ** This candidate is unused by its CNA.

CVE-2017-13897 14 sept. 2023

** REJECT ** This candidate is unused by its CNA.

CVE-2017-13898 14 sept. 2023

** REJECT ** This candidate is unused by its CNA.

CVE-2017-13899 14 sept. 2023

** REJECT ** This candidate is unused by its CNA.

CVE-2017-13900 14 sept. 2023

** REJECT ** This candidate is unused by its CNA.

CVE-2017-13901 14 sept. 2023

** REJECT ** This candidate is unused by its CNA.

CVE-2017-13902 14 sept. 2023

** REJECT ** This candidate is unused by its CNA.

CVE-2017-13912 14 sept. 2023

** REJECT ** This candidate is unused by its CNA.