5.3
CVE-2025-3382 - joey-zhou xiaozhi-esp32-server-java update sql injection
A vulnerability has been found in joey-zhou xiaozhi-esp32-server-java up to a14fe8115842ee42ab5c7a51706b8a85db5200b7 and classified as critical. This vulnerability affects the function update of the file /api/user/update. The manipulation of the argument state leads to sql injection. The attack canβ¦
5.3
CVE-2025-3381 - zhangyanbo2007 youkefu File Upload WebIMController.java path traversal
A vulnerability, which was classified as critical, was found in zhangyanbo2007 youkefu 4.2.0. This affects an unknown part of the file WebIMController.java of the component File Upload. The manipulation of the argument ID leads to path traversal. It is possible to initiate the attack remotely. The β¦
6.9
CVE-2025-3380 - PCMan FTP Server FEAT Command buffer overflow
A vulnerability, which was classified as critical, has been found in PCMan FTP Server 2.0.7. Affected by this issue is some unknown functionality of the component FEAT Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to β¦
6.9
CVE-2025-3379 - PCMan FTP Server EPSV Command buffer overflow
A vulnerability classified as critical was found in PCMan FTP Server 2.0.7. Affected by this vulnerability is an unknown functionality of the component EPSV Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public β¦
6.9
CVE-2025-3378 - PCMan FTP Server EPRT Command buffer overflow
A vulnerability classified as critical has been found in PCMan FTP Server 2.0.7. Affected is an unknown function of the component EPRT Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be usβ¦
6.9
CVE-2025-3377 - PCMan FTP Server ENC Command buffer overflow
A vulnerability was found in PCMan FTP Server 2.0.7. It has been rated as critical. This issue affects some unknown processing of the component ENC Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may β¦
4.6
CVE-2024-38797 - Out-of-bounds Read in HashPeImageByType()
EDK2 contains a vulnerability in the HashPeImageByType(). A user may cause a read out of bounds when a corrupted data pointer and length are sent via an adjecent network. A successful exploit of this vulnerability may lead to a loss of Integrity and/or Availability.
6.9
CVE-2025-3376 - PCMan FTP Server CONF Command buffer overflow
A vulnerability was found in PCMan FTP Server 2.0.7. It has been declared as critical. This vulnerability affects unknown code of the component CONF Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and mayβ¦
6.9
CVE-2025-3375 - PCMan FTP Server CDUP Command buffer overflow
A vulnerability was found in PCMan FTP Server 2.0.7. It has been classified as critical. This affects an unknown part of the component CDUP Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and maβ¦
7.2
CVE-2025-3426 - Use of default hardcoded credentials
We observed that Intellispace Portal binaries doesnβt have any protection mechanisms to prevent reverse engineering. Specifically, the appβs code is not obfuscated, and no measures are in place to protect against decompilation, disassembly, or debugging. As a result, attackers can reverse-engineer β¦