Login
[webapps] HAX CMS 24.x - Stored Cross-Site Scripting (XSS)
HAX CMS 24.x - Stored Cross-Site Scripting (XSS)
Reading view
[webapps] Craft CMS 5.6.16 - RCE
Craft CMS 5.6.16 - RCE
[local] GNU InetUtils 2.6 - Telnetd Remote Privilege Escalation
GNU InetUtils 2.6 - Telnetd Remote Privilege Escalation
[webapps] phpMyFAQ 4.0.16 - Improper Authorization
phpMyFAQ 4.0.16 - Improper Authorization
[webapps] GeographicLib v2.5.1 - stack buffer overflow
GeographicLib v2.5.1 - stack buffer overflow
[local] OpenWrt 23.05 - Authenticated Remote Code Execution (RCE)
OpenWrt 23.05 - Authenticated Remote Code Execution (RCE)
[webapps] OpenKM 6.3.12 - Multiple
OpenKM 6.3.12 - Multiple
[webapps] GUnet OpenEclass E-learning platform < 4.2 - Remote Code Execution (RCE)
GUnet OpenEclass E-learning platform < 4.2 - Remote Code Execution (RCE)
[webapps] JuzaWeb CMS 3.4.2 - Authenticated Remote Code Execution
JuzaWeb CMS 3.4.2 - Authenticated Remote Code Execution
[webapps] FacturaScripts 2025.43 - XSS
FacturaScripts 2025.43 - XSS
[webapps] Xibo CMS 4.3.0 - RCE via SSTI
Xibo CMS 4.3.0 - RCE via SSTI
[local] Fedora - Local Privilege Escalation
Fedora - Local Privilege Escalation
[webapps] LangChain Core 1.2.4 - SSTI/RCE
LangChain Core 1.2.4 - SSTI/RCE
[local] Atlona ATOMERX21 - Authenticated Command Injection
Atlona ATOMERX21 - Authenticated Command Injection
[local] Throttlestop Kernel Driver - Kernel Out-of-Bounds Write Privilege Escalation
Throttlestop Kernel Driver - Kernel Out-of-Bounds Write Privilege Escalation
[webapps] WordPress Plugin 5.2.0 - Broken Access Control
WordPress Plugin 5.2.0 - Broken Access Control
[local] AVAST Antivirus 25.11 - Unquoted Service Path
AVAST Antivirus 25.11 - Unquoted Service Path
CyberDanube Security Research 20260408-1 | Multiple Vulnerabilities in Siemens SICAM A8000
Posted by Thomas Weber | CyberDanube via Fulldisclosure on Apr 14
CyberDanube Security Research 20260408-1-------------------------------------------------------------------------------
title| Multiple Vulnerabilities
product| Siemens SICAM A8000 CP-8050/CP-8031/CP-8010/CP-8012
vulnerable version| <=V25.30
fixed version| V26.10
CVE number| CVE-2026-27664
impact| High
homepage| https://siemens.com/
found|...
CyberDanube Security Research 20260408-0 | Remote Operation Denial of Service in Siemens SICAM A8000
Posted by Thomas Weber | CyberDanube via Fulldisclosure on Apr 14
CyberDanube Security Research 20260408-0-------------------------------------------------------------------------------
title| Remote Operation Denial of Service
product| Siemens SICAM A8000 CP-8050/CP-8031/CP-8010/CP-8012
vulnerable version| <=V25.30
fixed version| V26.10
CVE number| CVE-2026-27663
impact| Medium
homepage| https://siemens.com/...
SEC Consult SA-20260414-0 :: Improper Enforcement of Locked Accounts in WebUI (SSO) in Kiuwan SAST on-premise (KOP) & cloud/SaaS
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 14
SEC Consult Vulnerability Lab Security Advisory < 20260414-0 >=======================================================================
title: Improper Enforcement of Locked Accounts in WebUI (SSO)
Β Β Β Β Β Β product: Kiuwan SAST on-premise (KOP) & cloud/SaaS
Β vulnerable version: <2.8.2509.4
Β Β Β fixed version: 2.8.2509.4
Β Β Β Β Β CVE number: CVE-2026-24069
Β Β Β Β Β Β Β impact: medium...
