Medium · CVSS 6.1
An issue in Plone Docker Official Image 5.2.13 (5221) open-source software allows for remote code execution via improper validation of input by the HOST headers.
Published Jan 25, 2024 · Updated Jul 9, 2026
Critical · CVSS 9.8
An issue in Projectworlds Vistor Management Systemin PHP v.1.0 allows a remtoe attacker to escalate privileges via a crafted script to the login page in the POST/index.php
Published Jan 25, 2024 · Updated Jul 9, 2026
Medium · CVSS 5.2
A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiRecorder 7.2.0 through 7.2.1, FortiRecorder 7.0.0 through 7.0.4, FortiVoice 7.0.0 through 7.0.4, FortiVoice 6.4.0 through 6.4.9, FortiVoice 6.0 all versions, FortiWeb 7.6.0, FortiWeb 7.4.0 through 7.4.4, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions, FortiWeb 6.4 all versions allows attacker to escalate privilege via specially crafted packets.
Published Jan 16, 2025 · Updated Jul 8, 2026
Medium · CVSS 6.9
A incorrect privilege assignment vulnerability in Fortinet FortiAnalyzer 7.4.0 through 7.4.3, FortiAnalyzer 7.2.0 through 7.2.5, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiAnalyzer Cloud 7.4.1 through 7.4.2, FortiAnalyzer Cloud 7.2.1 through 7.2.6, FortiAnalyzer Cloud 7.0 all versions, FortiAnalyzer Cloud 6.4 all versions, FortiManager 7.4.0 through 7.4.3, FortiManager 7.2.0 through 7.2.5, FortiManager 7.0 all versions, FortiManager 6.4 all versions allows attacker to escalate privilege via specific shell commands
Published Jan 16, 2025 · Updated Jul 8, 2026
Medium · CVSS 6.7
A improper privilege management vulnerability in Fortinet FortiManager Cloud 7.4.1 through 7.4.3, FortiManager Cloud 7.2.1 through 7.2.5, FortiManager Cloud 7.0 all versions, FortiManager 7.4.0 through 7.4.3, FortiManager 7.2.0 through 7.2.5, FortiManager 7.0 all versions, FortiManager 6.4 all versions allows attacker to escalation of privilege via specific shell commands
Published Jan 14, 2025 · Updated Jul 8, 2026
Critical · CVSS 9.6 · CISA KEV
An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version 7.0.0 through 7.0.16 and FortiProxy version 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12 allows a remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module.
Published Jan 14, 2025 · Updated Jul 8, 2026
High · CVSS 7.1
A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiManager 7.6.0 through 7.6.1, FortiManager 7.4.1 through 7.4.3, FortiManager Cloud 7.4.1 through 7.4.3, FortiOS 7.6.0, FortiOS 7.4.0 through 7.4.4, FortiOS 7.2.0 through 7.2.9, FortiOS 7.0.0 through 7.0.15, FortiOS 6.4.0 through 6.4.15, FortiProxy 7.4.0 through 7.4.5, FortiProxy 7.2.0 through 7.2.11, FortiProxy 7.0.0 through 7.0.18, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1 all versions, FortiProxy 1.0 all versions may allow a remote authenticated attacker with access to the security fabric interface and port to write arbitrary files or a remote unauthenticated attacker to delete an arbitrary folder
Published Jan 14, 2025 · Updated Jul 8, 2026
Medium · CVSS 5
A stack-based buffer overflow vulnerability in Fortinet FortiAnalyzer 7.4.0 through 7.4.3, FortiAnalyzer 7.2.0 through 7.2.5, FortiAnalyzer 7.0.0 through 7.0.12, FortiAnalyzer 6.4.0 through 6.4.14, FortiAnalyzer Cloud 7.4.1 through 7.4.3, FortiAnalyzer Cloud 7.2.1 through 7.2.5, FortiAnalyzer Cloud 7.0.1 through 7.0.11, FortiAnalyzer Cloud 6.4 all versions, FortiManager 7.4.0 through 7.4.3, FortiManager 7.2.0 through 7.2.5, FortiManager 7.0.0 through 7.0.12, FortiManager 6.4.0 through 6.4.14, FortiManager Cloud 7.4.1 through 7.4.3, FortiManager Cloud 7.2.1 through 7.2.5, FortiManager Cloud 7.0.1 through 7.0.11, FortiManager Cloud 6.4 all versions allows attacker to execute unauthorized code or commands via specially crafted packets.
Published Jan 14, 2025 · Updated Jul 8, 2026
Medium · CVSS 6.5
OpenAirInterface CN5G AMF (oai-cn5g-amf) <= 2.0.0 contains a null dereference in its handling of unsupported NGAP protocol messages which allows an attacker with network-adjacent access to the AMF to carry out denial of service. When a procedure code/presence field tuple is received that is unsupported, OAI indexes into a null function pointer and subsequently dereferences it.
Published Jan 21, 2025 · Updated Jul 7, 2026
Critical · CVSS 9.8
Tenda i24 V2.0.0.5 is vulnerable to Buffer Overflow in the addWifiMacFilter function.
Published Jan 14, 2025 · Updated Jul 7, 2026
Critical · CVSS 9.8
H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the mac address editing function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands by sending a POST request to /bin/webs.
Published Jan 14, 2025 · Updated Jul 7, 2026
Critical · CVSS 9.8
H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the AP configuration function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands by sending a POST request to /bin/webs.
Published Jan 14, 2025 · Updated Jul 7, 2026
Critical · CVSS 9.8
H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the mac address update function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands by sending a POST request to /bin/webs.
Published Jan 14, 2025 · Updated Jul 7, 2026
Critical · CVSS 9.8
File Upload Bypass was found in AdPortal 3.0.39 allows a remote attacker to execute arbitrary code via the file upload functionality
Published Jan 7, 2025 · Updated Jul 7, 2026
Medium · CVSS 6.1
Cross Site Scripting vulnerability iPublish Media Solutions AdPortal 3.0.39 allows a remote attacker to escalate privileges via the shippingAsBilling parameter in updateuserinfo.html.
Published Jan 7, 2025 · Updated Jul 7, 2026
Critical · CVSS 9.8
Server-Side Template Injection (SSTI) was found in AdPortal 3.0.39 allows a remote attacker to execute arbitrary code via the shippingAsBilling and firstname parameters in updateuserinfo.html file
Published Jan 7, 2025 · Updated Jul 7, 2026
Medium · CVSS 6.1
Open Redirect vulnerability in Pnetlab 5.3.11 allows an attacker to manipulate URLs to redirect users to arbitrary external websites via a crafted script
Published Jan 6, 2025 · Updated Jul 7, 2026
Medium · CVSS 4.1
Cross-Site Scripting (XSS) vulnerability in Pnetlab 5.3.11 allows an attacker to inject malicious scripts into a web page, which are executed in the context of the victim's browser.
Published Jan 6, 2025 · Updated Jul 7, 2026
Medium · CVSS 6.4
fabricators Ltd Vanilla OS 2 Core image v1.1.0 was discovered to contain static keys for the SSH service, allowing attackers to possibly execute a man-in-the-middle attack during connections with other hosts.
Published Jan 13, 2026 · Updated Jul 5, 2026
High · CVSS 7.5
Bangkok Medical Software HOSxP XE v4.64.11.3 was discovered to contain a hardcoded IDEA Key-IV pair in the HOSxPXE4.exe and HOS-WIN32.INI components. This allows attackers to access sensitive information.
Published Jan 7, 2025 · Updated Jul 5, 2026
Medium · CVSS 4.7
Cross Site Scripting vulnerability in Audiocodes MP-202b v.4.4.3 allows a remote attacker to escalate privileges via the login page of the web interface.
Published Jan 2, 2025 · Updated Jul 5, 2026
High · CVSS 7.3
Versions of the package network before 0.7.0 are vulnerable to Arbitrary Command Injection due to use of the child_process exec function without input sanitization. If (attacker-controlled) user input is given to the mac_address_for function of the package, it is possible for the attacker to execute arbitrary commands on the operating system that this package is being run on.
Published Jan 30, 2024 · Updated Jul 5, 2026
Medium · CVSS 6.5
A stored cross-site scripting (XSS) vulnerability in Umbraco CMS v14.3.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. NOTE: This has been disputed by the vendor since this potential attack is only possible via authenticated users who have been manually allowed access to the CMS. There was a deliberate decision made not to apply HTML sanitization at the product level.
Published Jan 22, 2025 · Updated Jul 5, 2026
Medium · CVSS 5.3
REDCap 14.3.13 allows an attacker to enumerate usernames due to an observable discrepancy between login attempts.
Published Jan 2, 2026 · Updated Jul 5, 2026
High · CVSS 8.8
Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 is vulnerable to Buffer Overflow via /goform/getWifiBasic.
Published Jan 27, 2025 · Updated Jul 5, 2026
High · CVSS 8.8
Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 suffers from Command Injection issues in /bin/goahead. Specifically, these issues can be triggered through /goform/tracerouteDiagnosis, /goform/pingDiagnosis, and /goform/fromSysToolPingCmd Each of these issues allows an attacker with access to the web interface to inject and execute arbitrary shell commands, with "root" privileges.
Published Jan 27, 2025 · Updated Jul 5, 2026
High · CVSS 8.8
In Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06, the request /goform/fromSetDDNS does not properly handle special characters in any of user provided parameters, allowing an attacker with access to the web interface to inject and execute arbitrary shell commands.
Published Jan 27, 2025 · Updated Jul 5, 2026
Medium · CVSS 5.2
Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 is vulnerable to Cross Site Scripting (XSS) in : /bin/goahead via /goform/setStaticRoute, /goform/fromSetFilterUrlFilter, and /goform/fromSetFilterClientFilter.
Published Jan 27, 2025 · Updated Jul 5, 2026
High · CVSS 8.8
Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 is vulnerable to Buffer Overflow via /goform/fromSetLanDhcpsClientbinding.
Published Jan 27, 2025 · Updated Jul 5, 2026
Critical · CVSS 9.8
H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the 5G wireless network processing function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands by sending a POST request to /bin/webs.
Published Jan 14, 2025 · Updated Jul 5, 2026
Critical · CVSS 9.8
H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the 2.4G wireless network processing function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands by sending a POST request to /bin/webs.
Published Jan 14, 2025 · Updated Jul 5, 2026
Medium · CVSS 6.1
Cross Site Scripting vulnerability in sunnygkp10 Online Exam System master version allows a remote attacker to obtain sensitive information via the w parameter.
Published Jan 17, 2025 · Updated Jul 5, 2026
Medium · CVSS 4.6
A persistent cross-site scripting (XSS) vulnerability in NodeBB v3.11.0 allows remote attackers to store arbitrary code in the 'about me' section of their profile.
Published Jan 24, 2025 · Updated Jul 5, 2026
Medium · CVSS 6.5
MonicaHQ v4.1.2 was discovered to contain a Client-Side Injection vulnerability via the last_name parameter the General Information module.
Published Jan 13, 2025 · Updated Jul 5, 2026
Critical · CVSS 9.1
Incorrect Access Control in Cfx.re FXServer v9601 and earlier allows unauthenticated users to modify and read arbitrary user data via exposed API endpoint
Published Jan 13, 2025 · Updated Jul 5, 2026
High · CVSS 7.4
ECOVACS Robotics Deebot T20 OMNI and T20e OMNI before 1.24.0 was discovered to contain a WiFi Remote Code Execution vulnerability.
Published Jan 14, 2025 · Updated Jul 5, 2026
High · CVSS 7.5
A stack overflow in the sctp_server::sctp_receiver_thread component of OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 allows attackers to cause a Denial of Service (DoS) by repeatedly establishing SCTP connections with the N2 interface.
Published Jan 21, 2025 · Updated Jul 5, 2026
High · CVSS 7.5
Improper file descriptor handling for closed connections in OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 allows attackers to cause a Denial of Service (DoS) by repeatedly establishing SCTP connections with the N2 interface.
Published Jan 21, 2025 · Updated Jul 5, 2026
Medium · CVSS 6.5
An uninitialized pointer dereference in the ngap_handle_pdu_session_resource_setup_response routine of OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a crafted PDU Session Resource Setup Response.
Published Jan 21, 2025 · Updated Jul 5, 2026
High · CVSS 7.5
A NULL pointer dereference in the ngap_app::handle_receive routine of OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a crafted NGAP message.
Published Jan 21, 2025 · Updated Jul 5, 2026
High · CVSS 7.8
An issue in the DeviceloControl function of ITE Tech. Inc ITE IO Access v1.0.0.0 allows attackers to perform arbitrary port read and write actions via supplying crafted IOCTL requests.
Published Jan 6, 2025 · Updated Jul 5, 2026
High · CVSS 7.5
JATOS 3.9.4 contains a denial-of-service (DoS) vulnerability in the authentication system, where an attacker can prevent legitimate users from accessing their accounts by repeatedly sending multiple failed login attempts. Specifically, by submitting 3 incorrect login attempts every minute, the attacker can trigger the account lockout mechanism on the account level, effectively locking the user out indefinitely. Since the lockout is applied to the user account and not based on the IP address, any attacker can trigger the lockout on any user account, regardless of their privileges.
Published Jan 7, 2025 · Updated Jul 5, 2026
Medium · CVSS 5.4
MonicaHQ v4.1.2 was discovered to contain an authenticated Client-Side Injection vulnerability via the Reason parameter at /people/h:[id]/debts/create.
Published Jan 10, 2025 · Updated Jul 5, 2026
Medium · CVSS 5.4
MonicaHQ v4.1.1 was discovered to contain an authenticated Client-Side Injection vulnerability via the entry text field at /journal/entries/ID/edit.
Published Jan 10, 2025 · Updated Jul 5, 2026
High · CVSS 8.8
MonicaHQ v4.1.2 was discovered to contain multiple authenticated Client-Side Injection vulnerabilities via the title and description parameters at /people/ID/reminders/create.
Published Jan 10, 2025 · Updated Jul 5, 2026
Medium · CVSS 6.5
MonicaHQ v4.1.2 was discovered to contain multiple Client-Side Injection vulnerabilities via the first_name and last_name parameters in the Add a new relationship feature.
Published Jan 10, 2025 · Updated Jul 5, 2026
High · CVSS 8
TP-Link TL-WR940N V3 and V4 with firmware 3.16.9 and earlier contain a buffer overflow via the dnsserver1 and dnsserver2 parameters at /userRpm/Wan6to4TunnelCfgRpm.htm. This vulnerability allows an authenticated attacker to execute arbitrary code on the remote device in the context of the root user.
Published Jan 9, 2025 · Updated Jul 5, 2026
Critical · CVSS 9.1
SeaCMS V13.1 is vulnerable to Incorrect Access Control. A logic flaw can be exploited by an attacker to allow any user to recharge members indefinitely.
Published Jan 6, 2025 · Updated Jul 5, 2026
Critical · CVSS 9.8
PHPYun before 7.0.2 is vulnerable to code execution through backdoor-restricted arbitrary file writing and file inclusion.
Published Jan 9, 2025 · Updated Jul 5, 2026
High · CVSS 8.8
An authenticated arbitrary file upload vulnerability in Car Rental Management System v1.0 to v1.3 allows attackers to execute arbitrary code via uploading a crafted file.
Published Jan 7, 2025 · Updated Jul 5, 2026