Our news

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info 10-Strike Software–Bandwidth Monitor 10-Strike Bandwidth Monitor 3.9 contains a buffer overflow vulnerability that allows attackers to bypass SafeSEH, ASLR, and DEP protections through carefully crafted input. Attackers can exploit the vulnerability by sending a malicious payload to the application’s registration key input,

READ MORE →

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info Agatasoft–AgataSoft PingMaster Pro AgataSoft PingMaster Pro 2.1 contains a denial of service vulnerability in the Trace Route feature that allows attackers to crash the application by overflowing the host name input field. Attackers can generate a 10,000-character buffer and paste it into

READ MORE →

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info 10-Strike–Strike Network Inventory Explorer Pro 10-Strike Network Inventory Explorer Pro 9.31 contains a buffer overflow vulnerability in the text file import functionality that allows remote code execution. Attackers can craft a malicious text file with carefully constructed payload to trigger a reverse

READ MORE →

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info AA-Team–Amazon Native Shopping Recommendations Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in AA-Team Amazon Native Shopping Recommendations allows SQL Injection.This issue affects Amazon Native Shopping Recommendations: from n/a through 1.3. 2026-01-05 9.3 CVE-2025-30633 https://vdp.patchstack.com/database/wordpress/plugin/woozone-contextual/vulnerability/wordpress-amazon-native-shopping-recommendations-plugin-1-3-sql-injection-vulnerability?_s_id=cve  AA-Team–Premium Age

READ MORE →

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info SmarterTools–SmarterMail Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload arbitrary files to any location on the mail server, potentially enabling remote code execution. 2025-12-29 10 CVE-2025-52691 https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-124/  MiniDVBLinux–MiniDVBLinux MiniDVBLinux 5.4 contains a remote command execution vulnerability that allows

READ MORE →

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info 9786–phpok3w A vulnerability was identified in 9786 phpok3w up to 901d96a06809fb28b17f3a4362c59e70411c933c. Impacted is an unknown function of the file show.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly

READ MORE →

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info Cisco–Cisco Secure Email Cisco is aware of a potential vulnerability.  Cisco is currently investigating and will update these details as appropriate as more information becomes available. 2025-12-17 10 CVE-2025-20393 cisco-sa-sma-attack-N9bf4  Hewlett Packard Enterprise (HPE)–HPE OneView A remote code execution issue exists in HPE OneView.

READ MORE →

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info Unknown–Typora Typora 1.7.4 contains a command injection vulnerability in the PDF export preferences that allows attackers to execute arbitrary system commands. Attackers can inject malicious commands into the ‘run command’ input field during PDF export to achieve remote code execution. 2025-12-12 9.8

READ MORE →