Security Vulnerabilities
Memory corruption while processing a video session to set video parameters.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-01-07
Insufficient session expiration in the Web UI authentication component in HCL BigFix IVR version 4.2 allows an authenticated attacker to gain prolonged unauthorized access to protected API endpoints due to excessive expiration periods.
CVSS Score
2.0
EPSS Score
0.0
Published
2026-01-07
A flaw has been found in TRENDnet TEW-811DRU 1.0.2.0. This affects the function setDeviceURL of the file uapply.cgi of the component httpd . This manipulation of the argument DeviceURL causes os command injection. The attack can be initiated remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
7.2
EPSS Score
0.002
Published
2026-01-07
Insecure Temporary File vulnerability in Altera Quartus Prime Standard
Installer (SFX)
on Windows, Altera Quartus Prime Lite
Installer (SFX)
on Windows allows Explore for Predictable Temporary File Names.This issue affects Quartus Prime Standard: from 23.1 through 24.1; Quartus Prime Lite: from 23.1 through 24.1.
CVSS Score
6.7
EPSS Score
0.0
Published
2026-01-07
Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard on Windows (Nios II Command Shell modules), Altera Quartus Prime Lite on Windows (Nios II Command Shell modules) allows Search Order Hijacking.This issue affects Quartus Prime Standard: from 19.1 through 24.1; Quartus Prime Lite: from 19.1 through 24.1.
CVSS Score
6.7
EPSS Score
0.0
Published
2026-01-07
Insecure Temporary File vulnerability in Altera Quartus Prime Pro
Installer (SFX)
on Windows allows : Use of Predictable File Names.This issue affects Quartus Prime Pro: from 24.1 through 25.1.1.
CVSS Score
6.7
EPSS Score
0.0
Published
2026-01-07
Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro
Installer (SFX)
on Windows allows Search Order Hijacking.This issue affects Quartus Prime Pro: from 24.1 through 24.3.1.
CVSS Score
6.7
EPSS Score
0.0
Published
2026-01-07
Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard
Installer (SFX)
on Windows, Altera Quartus Prime Lite
Installer (SFX)
on Windows allows Search Order Hijacking.This issue affects Quartus Prime Standard: from 23.1 through 24.1; Quartus Prime Lite: from 23.1 through 24.1.
CVSS Score
6.7
EPSS Score
0.0
Published
2026-01-07
Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro on Windows (System Console modules) allows Search Order Hijacking.This issue affects Quartus Prime Pro: from 17.0 through 25.1.1.
CVSS Score
6.7
EPSS Score
0.0
Published
2026-01-07
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a NULL pointer member call vulnerability. This vulnerability affects users of the iccDEV library who process ICC color profiles. Version 2.3.1.2 contains a patch. No known workarounds are available.
CVSS Score
5.5
EPSS Score
0.0
Published
2026-01-06