| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| A CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
vulnerability exists that could cause unauthenticated remote code execution when a malicious folder is created
over the web interface HTTP when enabled. HTTP is disabled by default. |
| A CWE-331: Insufficient Entropy vulnerability exists that could cause root password discovery when the
password generation algorithm is reverse engineered with access to installation or upgrade artifacts. |
| A
CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that could cause remote
command execution by a privileged account when the server is accessed via a console and through
exploitation of the hostname input. |
| A
CWE-269: Improper Privilege Management vulnerability exists that could cause privilege escalation when the
server is accessed by a privileged account via a console and through exploitation of a setup script. |
| A
CWE-918: Server-Side Request Forgery (SSRF) vulnerability exists that could cause unauthenticated remote
code execution when the server is accessed via the network with knowledge of hidden URLs and manipulation
of host request header. |
| A heap-based buffer overflow vulnerability exists in VS6Sim.exe contained in V-SFT and TELLUS provided by FUJI ELECTRIC CO., LTD.
Opening V9 files or X1 files specially crafted by an attacker on the affected product may lead to arbitrary code execution. |
| GitForge.jl is a unified interface for interacting with Git "forges." Versions prior to 0.4.3 lack input validation for user provided values in certain functions. In the `GitForge.get_repo` function for GitHub, the user can provide any string for the owner and repo fields. These inputs are not validated or safely encoded and are sent directly to the server. This means a user can add path traversal patterns like `../` in the input to access any other endpoints on api.github.com that were not intended. Version 0.4.3 contains a patch for the issue. No known workarounds are available. |
| OpenList Frontend is a UI component for OpenList. Prior to version 4.0.0-rc.4, a vulnerability exists in the file preview/browsing feature of the application, where files with a .py extension that contain JavaScript code wrapped in <script> tags may be interpreted and executed as HTML in certain modes. This leads to a stored XSS vulnerability. This issue has been patched in version 4.0.0-rc.4. |
| Lychee is a free photo-management tool. In versions starting from 6.6.6 to before 6.6.10, an attacker can leak local files including environment variables, nginx logs, other user's uploaded images, and configuration secrets due to a path traversal exploit in SecurePathController.php. This issue has been patched in version 6.6.10. |
| Weak Password Requirements vulnerability in Mitsubishi Electric Corporation photovoltaic system monitor “EcoGuideTAB” PV-DR004J all versions and PV-DR004JA all versions allows an attacker within the Wi-Fi communication range between the units of the product (measurement unit and display unit) to derive the password from the SSID. In addition, if the product is configured to enable the individual air conditioner control function, an attacker who has access to the Wi-Fi communication between the units by exploiting this vulnerability may be able to execute ECHONET Lite commands to perform operations such as turning the air conditioner on or off and changing the set temperature. The individual air conditioner control function is available only in display unit version 02.00.01 or later and measurement unit version 02.03.01 or later. The affected products discontinued in 2015, support ended in 2020. |
| Use of Hard-coded Credentials vulnerability in Mitsubishi Electric Corporation photovoltaic system monitor “EcoGuideTAB” PV-DR004J all versions and PV-DR004JA all versions allows an attacker within the Wi-Fi communication range between the units of the product (measurement unit and display unit) to disclose information such as generated power and electricity sold back to the grid stored in the product, tamper with or destroy stored or configured information in the product, or cause a Denial-of-Service (DoS) condition on the product, by using hardcoded user ID and password common to the product series obtained by exploiting CVE-2025-5022. The affected products discontinued in 2015, support ended in 2020. |
| A flaw was found in gnome-remote-desktop. Once gnome-remote-desktop listens for RDP connections, an unauthenticated attacker can exhaust system resources and repeatedly crash the process. There may be a resource leak after many attacks, which will also result in gnome-remote-desktop no longer being able to open files even after it is restarted via systemd. |
| Server side request forgery (SSRF) vulnerability in makeplane plane 0.23.1 via the password recovery. |
| Cross Site Request Forgery (CSRF) vulnerability in Smartvista BackOffice SmartVista Suite 2.2.22 via crafted GET request. |
| A stored Cross Site Scripting (xss) vulnerability in the "content management" feature in AnQiCMS v.3.4.11 allows a remote attacker to execute arbitrary code via a crafted script to the title, categoryTitle, and tmpTag parameters. |
| Installation file of ESET security products on Windows
allow an attacker to misuse to delete an arbitrary file without having the permissions to do so. |
| A vulnerability has been found in Kingdee Cloud Galaxy Private Cloud BBC System up to 9.0 Patch April 2025 and classified as critical. Affected by this vulnerability is the function BaseServiceFactory.getFileUploadService.deleteFileAction of the file fileUpload/deleteFileAction.jhtml of the component File Handler. The manipulation of the argument filePath leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. |
| A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has been rated as problematic. This issue affects some unknown processing of the component wxapkg File Decompression Handler. The manipulation leads to resource consumption. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. |
| Cairo through 1.18.4, as used in Poppler through 25.08.0, has an "unscaled->face == NULL" assertion failure for _cairo_ft_unscaled_font_fini in cairo-ft-font.c. |
| An Authentication Bypass vulnerability in Blue Access' Cobalt X1 thru 02.000.187 allows an unauthorized attacker to log into the application as an administrator without valid credentials. |
