Jenzabar 9.2.x through 9.2.2 allows /ics?tool=search&query= XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
There is a local privilege escalation vulnerability in some Huawei products. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Some Huawei products have an inconsistent interpretation of HTTP requests vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
There is a denial of service (DoS) vulnerability in eCNS280 versions V100R005C00, V100R005C10. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
There is an out-of-bound read vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.
Mate 30 10.0.0.203(C00E201R7P2) have a buffer overflow vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
Cross Site Request Forgery vulnerability in Micro Focus Application Performance Management product, affecting versions 9.40, 9.50 and 9.51. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
There is a logic vulnerability in Huawei Gauss100 OLTP Product. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
There is a weak algorithm vulnerability in Mate 3010.0.0.203(C00E201R7P2). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
A divide-by-zero flaw was found in ImageMagick 6.9.11-57 and 7.0.10-57 in gem.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Persistent Cross-Site scripting vulnerability in Micro Focus Application Performance Management product, affecting versions 9.40, 9.50 and 9.51. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
There is an out-of-bound read vulnerability in Mate 30 10.0.0.182(C00E180R6P2). Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
There is an information leak vulnerability in eCNS280_TD versions V100R005C00 and V100R005C10. Rated medium severity (CVSS 4.1). No vendor patch available.
There is a buffer overflow vulnerability in Mate 30 10.1.0.126(C00E125R5P3). Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
There is a use after free vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
There is a pointer double free vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.