0Xmupa

#11055of 53,630
24.9Total CVSS
Vulnerabilities · 4
Medium
2
High
2
PT-2025-35192
4.3
2025-08-29
Unknown · Bizhub Series · CVE-2025-54777
**Name of the Vulnerable Software and Affected Versions** bizhub series (affected versions not specified) **Description** An uncaught exception issue exists that may cause a denial-of-service by disabling the Web Connection feature when a malformed file is imported as an S/MIME Email certificate. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2024-30574
7.5
2024-11-18
Glpi · Glpi · CVE-2024-43416
**Name of the Vulnerable Software and Affected Versions** GLPI versions 0.80 through 10.0.16 **Description** The issue allows an unauthenticated user to use an application endpoint to check if an email address corresponds to a valid GLPI user. **Recommendations** For versions 0.80 through 10.0.16, update to version 10.0.17 to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable application endpoint until a patch is available.
PT-2024-31945
8.8
2024-09-30
Pix Link · Pix-Link Lv-Wr22 · CVE-2024-46280
**Name of the Vulnerable Software and Affected Versions** PIX-LINK LV-WR22 version RE3002-P1-01 V117.0 **Description** The issue concerns Improper Access Control, where the TELNET service is enabled with weak credentials for a root-level account, and these credentials cannot be changed. **Recommendations** For PIX-LINK LV-WR22 version RE3002-P1-01 V117.0, consider disabling the TELNET service as a temporary workaround to minimize the risk of exploitation. Restrict access to the root-level account to prevent unauthorized access until a patch or fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2024-5861
4.3
2024-07-10
Glpi · Glpi · CVE-2024-37147
**Name of the Vulnerable Software and Affected Versions** GLPI versions prior to 10.0.16 **Description** The issue is related to incorrect access control in the GLPI system, which provides ITIL Service Desk features, licenses tracking, and software auditing. An authenticated user can attach a document to any item, even if the user has no write access on it. This can allow a remote attacker to bypass current access restriction rules. **Recommendations** For versions prior to 10.0.16, upgrade to version 10.0.16 to resolve the issue. As a temporary workaround, consider restricting access to document attachment features to minimize the risk of exploitation.