9.3
CVE-2026-22553 - InSAT MasterSCADA BUK-TS OS Command Injection
All versions of InSAT MasterSCADA BUK-TS are susceptible to OS command injection through a field in its MMadmServ web interface. Malicious users that use the vulnerable endpoint are potentially able to cause remote code execution.
9.3
CVE-2026-21410 - InSAT MasterSCADA BUK-TS SQL Injection
InSAT MasterSCADA BUK-TS is susceptible to SQL Injection through its main web interface. Malicious users that use the vulnerable endpoint are potentially able to cause remote code execution.
6.1
CVE-2025-46320 -
A cross-site scripting (XSS) vulnerability in a FileMaker WebDirect custom homepage could lead to unauthorized access and remote code execution. This vulnerability has been fully addressed in FileMaker Server 22.0.4 and FileMaker Server 21.1.7.
8.6
CVE-2026-24443 - EventSentry < 6.0.1.20 Web Reports Unverified Password Change
EventSentry versions prior to 6.0.1.20Β contain an unverified password change vulnerability in the account management functionality of the Web Reports interface. The password change mechanism does not require validation of the current password before allowing a new password to be set. An attacker whβ¦
2.7
CVE-2026-23859 - ClientβSide enforcement bypass in Dell Wyse Management Suite before v5.5
Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Client-Side Enforcement of Server-Side Security vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability to Protection mechanism bypass.
5.4
CVE-2026-23858 - CrossβSite Scripting Vulnerability in Dell Wyse Management Suite 5.4 and Earlier
Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Script Injection.
7.2
CVE-2026-22766 - Unrestricted File Upload Allowing Remote Execution in Dell Wyse Management Suite before 5.5
Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Unrestricted Upload of File with Dangerous Type vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Remote execution.
8.8
CVE-2026-22765 - Missing Authorization in Dell Wyse Management Suite Allows Remote Elevation of Privileges
Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Missing Authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of Privileges.
6.5
CVE-2026-3131 - Improper Access Control Enables ViewβOnly Users to Access Sensitive Connection Data
Improper access control in multiple DVLS REST API endpoints in Devolutions Server 2025.3.14.0 and earlier allows an authenticated user with view-only permission to access sensitive connection data.
4.3
CVE-2026-1768 - Permission Cache Poisoning Allows Bypassing Access Controls in Devolutions Server
A permission cache poisoning vulnerability in Devolutions Server allows authenticated users to bypass permissions to access entries.This issue affects Devolutions Server: before 2025.3.15.