For providers

The turboSMTP plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘page’ parameter in all versions up to, and including, 4.6 due to insufficient input sanitization and...

COMFAST CF-WR630AX v2.7.0.2 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root.

An out of bounds read due to improper input validation in HeapObjMapImpl.cpp in NI LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an...

An out of bounds read due to improper input validation when loading the font table in fontmgr.cpp in NI LabVIEW may disclose information or result in arbitrary code execution. Successful...

An out of bounds read due to improper input validation in BuildFontMap in fontmgr.cpp in NI LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires...

Angular Expressions provides expressions for the Angular.JS web framework as a standalone module. Prior to version 1.4.3, an attacker can write a malicious expression that escapes the sandbox to...

Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting (XSS).This issue affects IAP-420 version 2.01e and below.

An issue was discovered in MSA Safety FieldServer Gateways and Embedded Modules with build revisions before 7.0.0. The FieldServer Gateway has internal users, whose access is supposed to be...

An issue was discovered in MSA Safety FieldServer Gateways and Embedded Modules with build revisions before 7.0.0. The FieldServer Gateway has an internally used shared administrative user account...

Artifex Software mupdf v1.24.9 was discovered to contain a segmentation fault via the component /tools/pdfextract.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a...