Astak CM-818T3 2.4GHz wireless security surveillance cameras contain an unauthenticated configuration disclosure vulnerability in the /web/cgi-bin/hi3510/backup.cgi endpoint. The endpoint permits remo
IrfanView PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView.
The firmware of the AZIOT 2MP Full HD Smart Wi-Fi CCTV Home Security Camera (version V1.00.02) contains an Incorrect Access Control vulnerability that allows local attackers to gain root shell access.
Fuji Electric Monitouch V-SFT V9C File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations o
A vulnerability has been found in Teledyne FLIR AX8 up to 1.46.16. This impacts the function subscribe_to_spot/subscribe_to_delta/subscribe_to_alarm of the file /usr/www/application/models/subscriptio
A command injection vulnerability in FTP-Flask-python through 5173b68 allows unauthenticated remote attackers to execute arbitrary OS commands. The /ftp.html endpoint's "Upload File" action constructs
IrfanView XCF Plugin XCF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of
IrfanView SID File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User in
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User int
Fuji Electric Monitouch V-SFT V9C File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations o
An unauthenticated arbitrary file upload vulnerability exists in Tiki Wiki CMS Groupware version 15.1 and earlier via the ELFinder component's default connector (connector.minimal.php), which allows r
A low-privileged remote attacker can exploit the ubr-editfile method in wwwubr.cgi, an undocumented and unused API endpoint to read arbitrary files on the system.
A vulnerability in the upload function of binary-husky/gpt_academic allows any user to read arbitrary files on the system, including sensitive files such as `config.py`. This issue affects the latest
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current u
A vulnerability has been found in Tomofun Furbo 360 and Furbo Mini. The impacted element is an unknown function of the file collect_logs.sh of the component Debug Log S3 Bucket Handler. The manipulati
A vulnerability has been found in Zorlan SkyCaiji 2.9 and classified as critical. This vulnerability affects the function fileAction of the file vendor/skycaiji/app/admin/controller/Tool.php. The mani
An information disclosure vulnerability in the component d_status.asp of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to access sensitive information via a crafted POST requ
Beward N100 H.264 VGA IP Camera M2.1.6 contains an authenticated file disclosure vulnerability that allows attackers to read arbitrary system files via the 'READ.filePath' parameter. Attackers can exp
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User int
An unauthenticated arbitrary file upload vulnerability exists in Idera Up.Time Monitoring Station versions up to and including 7.2. The `wizards/post2file.php` script accepts arbitrary POST parameters
← Previous Page 5