An issue was discovered in MariaDB MCP 0.1.0 allowing attackers to gain sensitive information via the SSE service as the SSE service lacks user validation.
Vulnerability of improper access control in the MTP module
Impact: Successful exploitation of this vulnerability may affect integrity and accuracy.
Incorrect access control in the delete_category function of Sourcecodester Computer Laboratory Management System v1.0 allows authenticated attackers with low-level privileges to arbitrarily delete cat
A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014 and classified as critical. This issue affects the function FCGI_CheckStringIfCon
An issue in the snxpcamd.sys component of SUNIX Multi I/O Card v10.1.0.0 allows attackers to perform arbitrary read and write actions via supplying crafted IOCTL requests.
A vulnerability was detected in Open5GS up to 2.7.7. The affected element is the function update_authorized_pcc_rule_and_qos of the file /src/smf/npcf-handler.c of the component SMF. The manipulation
Improper restriction of operations within the bounds of a memory buffer in PCIe® Link could allow an attacker with access to a guest virtual machine to potentially perform a denial of service attack a
Access control vulnerability in the security verification module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
SourceCodester Best House Rental Management System v1.0 is vulnerable to Incorrect Access Control via /rental/payment_report.php, /rental/balance_report.php, /rental/invoices.php, /rental/tenants.php,
An unauthenticated remote attacker can abuse unsafe sscanf calls within the check_account() function to write arbitrary data into fixed-size stack buffers which leads to full device compromise.
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series
Incorrect access control in Software GmbH Agorum core open v11.9.2 & v11.10.1 allows authenticated attackers to escalate privileges to Administrator and access sensitive components and information.
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90. It has been rated as critical. This issue affects the function sslvpn_config_mod of the file /vpn/vpn_template_style.
A Download of Code Without Integrity Check vulnerability in the update modules in ASUS Member Center(华硕大厅) allows a local user to achieve privilege escalation to Administrator via exploitation of a Ti
Improper validation of array index in Power Management Firmware (PMFW) may allow a privileged attacker to cause an out-of-bounds memory read within PMFW, potentially leading to a denial of service.
A vulnerability was found in langleyfcu Online Banking System up to 57437e6400ce0ae240e692c24e6346b8d0c17d7a. Affected by this vulnerability is an unknown functionality of the file /connection_error.p
A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. It has been classified as critical. Affected is the function FCGI_CheckStringIfC
Incorrect access control in the realtime.cgi endpoint of Deep Sea Electronics devices DSE855 v1.1.0 to v1.1.26 allows attackers to gain access to the admin panel and complete control of the device.
Web installer integrity check used weak hash algorithm. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169.
An issue was discovered in litmusautomation litmus-mcp-server thru 0.0.1 allowing unauthorized attackers to control the target's MCP service through the SSE protocol.