For providers

A vulnerability exists in RTU500 IEC 60870-5-104 controlled station functionality and IEC 61850 functionality, that allows an attacker performing a specific attack sequence to restart the affected...

A vulnerability exists in RTU IEC 61850 client and server functionality that could impact the availability if renegotiation of an open IEC61850 TLS connection takes place in specific timing...

The TRMTracker web application is vulnerable to LDAP injection attack potentially allowing an attacker to inject code into a query and execute remote commands that can read and update data on the...

A Host Header Injection vulnerability in TRMTracker application may allow an attacker by modifying the host header value in an HTTP request to leverage multiple attack vectors, including defacing...

The TRMTracker web application is vulnerable to reflected Cross-site scripting attack. The application allows client-side code injection that might be used to compromise the confidentiality and...

In JetBrains GoLand before 2025.1 an XXE during debugging was possible

SQL injection vulnerability in the authentication module in Convivance StandVoice 4.5 through 6.2 allows remote attackers to execute arbitrary code via the GEST_LOGIN parameter.

VMware Tools for Windows contains an authentication bypass vulnerability due to improper access control. A malicious actor with non-administrative privileges on a guest VM may gain ability to...

A command injection vulnerability in D-Link DIR-823X 240126 and 240802 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to...

In Tiny MoxieManager PHP before 4.0.0, remote code execution can occur in the installer command. This vulnerability allows unauthenticated attackers to inject and execute arbitrary code....