14 matches found
CVE-2025-10641
creationtimestamp| type| source ---|---|--- 2025-10-21 12:58:47+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m3pf3f73bo2e 2025-10-21 19:23:05+00:00| seen| https://schleuss.online/users/vulnbot/statuses/115413783991365690 2025-10-21 22:00:55+00:00| seen|...
CVE-2020-10641
An unprotected logging route may allow an attacker to write endless log statements into the database without space limits or authentication. This results in consuming the entire available hard-disk space on the Ignition 8 Gateway versions prior to 8.0.10, causing a denial-of-service condition...
nowa-apotheken.de Cross Site Scripting vulnerability OBB-2705391
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2020-10641
The CVE-2020-10641 issue affects Ignition 8 Gateway (Perspective Module) prior to 8.0.10, where an unprotected logging route can write unlimited log statements to the database, consuming disk space and causing a denial-of-service. Root cause: improper access controls allowing unauthenticated, net...
CVE-2020-10641
creationtimestamp| type| source ---|---|--- 2020-04-28 11:45:01+00:00| seen| https://t.me/SecLabNews/7470 2020-12-23 18:12:15+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/1005...
Inductive Automation Ignition
1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Inductive Automation Equipment: Ignition 8 Gateway Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to write endless...
CVE-2019-10641
Contao before 3.5.39 and 4.x before 4.7.3 has a Weak Password Recovery Mechanism for a Forgotten Password...
CVE-2019-10641
Contao contains a session invalidation flaw: existing user sessions are not properly invalidated when a password is changed. Affected versions include Contao 3.* up to 3.5.38 and Contao 4.x up to 4.7.2, with the fix released in Contao 3.5.39, 4.4.37, or 4.7.3. The issue, identified in CVE-2019-10...
Session invalidation upon password changes
Date : 2019-04-09 CVE ID : CVE-2019-10641 Description Security researcher Ali Razzaq has discovered that existing sessions are not correctly invalidated when a user changes their password in the back end or front end. Affected versions Contao 3. up to 3.5.38 Contao 4.0 Contao 4.1 Contao 4.2 Conta...
CVE-2016-10641
node-bsdiff-android downloads resources over HTTP, which leaves it vulnerable to MITM attacks...
CVE-2016-10641
node-bsdiff-android downloads resources over HTTP, which leaves it vulnerable to MITM attacks...
CVE-2016-10641
node-bsdiff-android downloads resources over HTTP, which leaves it vulnerable to MITM attacks...
CVE-2016-10641
CVE-2016-10641 affects the Android package node-bsdiff-android , where resources are downloaded over HTTP. The underlying vulnerability allows an attacker with network access to modify or read downloaded resources, creating potential for data exposure and, in some scenarios, remote code execution...
CVE-2018-10641
CVE-2018-10641 affects the D-Link DIR-601 A1 (firmware version 1.02NA). The vulnerability allows password changes without presenting the current password, and the new credentials are transmitted in cleartext. This constitutes an authentication bypass enabling potential information exposure (param...