The Toshiba printers provide several ways to upload files using the web interface without authentication. An attacker can overwrite any insecure files. And the Toshiba printers are vulnerable to a Loc...

Toshiba printers use SNMP for configuration. Using the private community, it is possible to remotely execute commands as root on the remote printer. Using this vulnerability will allow any attacker to...

A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online planning tool. With this vulnerability, an attacker can upload executable files that are moved to a publi...

An unauthenticated Insecure Direct Object Reference (IDOR) to the database has been found in the SO Planning tool that occurs when the public view setting is enabled. An attacker could use this vulner...

A unauthenticated SQL Injection has been found in the SO Planning tool that occurs when the public view setting is enabled. An attacker could use this vulnerability to gain access to the underlying da...

The uAMQP is a C library for AMQP 1.0 communication to Azure Cloud Services. When processing an incorrect `AMQP_VALUE` failed state, may cause a double free problem. This may cause a RCE. Update submo...

Missing Authorization vulnerability in Olive Themes Olive One Click Demo Import allows importing settings and data, ultimately leading to XSS.This issue affects Olive One Click Demo Import: from n/a t...

A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0. It has been classified as critical. Affected is an unknown function of the file /uupdate.php. The manipulation of the argu...

The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation in the /wp-json/instawp-connect/v1/config REST API...

Deserialization of Untrusted Data vulnerability in Apache InLong.This issue affects Apache InLong: from 1.7.0 through 1.11.0, the attackers can bypass using malicious parameters. Users are advised to ...

An issue in vivotek Network Camera v.FD8166A-VVTK-0204j allows a remote attacker to execute arbitrary code via a crafted payload to the upload_file.cgi component.

An issue in Hangzhou Xiongwei Technology Development Co., Ltd. Restaurant Digital Comprehensive Management platform v1 allows an attacker to bypass authentication and perform arbitrary password resets...

A vulnerability has been found in Netentsec NS-ASG Application Security Gateway 6.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /protocol/iscdevi...

A vulnerability, which was classified as critical, has been found in Netentsec NS-ASG Application Security Gateway 6.3. This issue affects some unknown processing of the file /admin/singlelogin.php. T...

A vulnerability classified as critical was found in Netentsec NS-ASG Application Security Gateway 6.3. This vulnerability affects unknown code of the file /vpnweb/index.php?para=index. The manipulatio...

A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been rated as critical. Affected by this issue is some unknown functionality of the file /protocol/firewall/addfi...

There is a buffer overflow vulnerability in the underlying Utility daemon that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's ac...

There is a buffer overflow vulnerability in the underlying L2/L3 Management service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (...

Deserialization of Untrusted Data vulnerability in PMB Services PMB allows Remote Code Inclusion.This issue affects PMB: from 7.5.1 before 7.5.6-2, from 7.4.1 before 7.4.9, from 7.3.1 before 7.3.18.

EBM Technologies RISWEB's specific query function parameter does not properly restrict user input, and this feature page is accessible without login. This allows remote attackers to inject SQL command...

The functionality for file download in HGiga OAKlouds' certain modules contains an Arbitrary File Read and Delete vulnerability. Attackers can put file path in specific request parameters, allowing th...

The functionality for synchronization in HGiga OAKlouds' certain moudules has an OS Command Injection vulnerability, allowing remote attackers to inject system commands within specific request paramet...

A vulnerability was found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240318. It has been classified as critical. This affects an unknown part of the file /api/client/editeme...

A vulnerability was found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240318 and classified as critical. Affected by this issue is some unknown functionality of the file api/...