CVE-2025-70798

Tenda i24V3.0si V3.0.0.5 Firmware V3.0.0.5 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...

EUVD-2025-208539

Tenda i24V3.0si V3.0.0.5 Firmware V3.0.0.5 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...

EUVD-2025-208538

Tenda i24V3.0si V3.0.0.5 Firmware V3.0.0.5 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...

CVE-2025-70798

Tenda i24V3.0si V3.0.0.5 Firmware V3.0.0.5 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...

CVE-2025-70798

Tenda i24V3.0si V3.0.0.5 Firmware V3.0.0.5 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...

PT-2026-24431

Name of the Vulnerable Software and Affected Versions Tenda i24V3.0si version 3.0.0.5 Description The firmware contains a hardcoded password, allowing attackers to log in as root. The hardcoded password is located in the '/etc ro/shadow' file. Recommendations Update to a newer version that...

CVE-2025-70798

Tenda i24V3.0si V3.0.0.5 Firmware V3.0.0.5 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...

CVE-2025-70798

CVE-2025-70798 concerns the Tenda i24V3.0si firmware (v3.0.0.5). Multiple sources confirm a hardcoded password vulnerability in the "/etc_ro/shadow" file that allows an attacker to log in as root. The vulnerability is described consistently across CVE listings and vendor references. Reported impa...

EUVD-2021-11851

Malware in sbrugna...

Tenda W12 安全漏洞

The Tenda W12 is a wireless router that provides wireless network connectivity. A buffer overflow vulnerability exists in Tenda W12 version 3.0.0.5, which originates from the cgiWifiRadioSet function in the /bin/httpd file that fails to properly validate input data when processing a specific...

WordPress Peter's Login Redirect Plugin < 3.0.0.5 XSS Vulnerability

The WordPress plugin Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

CVE-2021-24939

The LoginWP Formerly Peter's Login Redirect WordPress plugin before 3.0.0.5 does not sanitise and escape the rulloginurl and rullogouturl parameter before outputting them back in attributes in an admin page, leading to a Reflected Cross-Site Scripting issue...

WordPress 插件跨站脚本漏洞

WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. WordPress LoginWP plugin has a cross-site scripting vulnerability in versions prior to 3.0.0.5, which...

Security Bulletin: Java Quarterly CPU affecting Watson Knowledge Catalog for IBM Cloud Pak for Data

Summary Vulnerabilities in Java are affecting Watson Knowledge Catalog for IBM Cloud Pak for Data. These vulnerabilities have been addressed. Vulnerability Details CVEID: CVE-2019-2989 DESCRIPTION: An unspecified vulnerability in Java SE could allow an unauthenticated attacker to cause no...

Security Bulletin: Vulnerabilities in WebSphere Liberty affecting Watson Knowledge Catalog for IBM Cloud Pak for Data

Summary Vulnerabilities in Apache CXF and Swagger are affecting WebSphere Liberty in Watson Knowledge Catalog for IBM Cloud Pak for Data. These vulnerabilities have been addressed. Vulnerability Details CVEID: CVE-2019-12406 DESCRIPTION: Apache CXF is vulnerable to a denial of service, caused by...

Kliqqi Cross-Site Request Forgery Vulnerability (CNVD-2019-16477)

Kliqqi is a content management system CMS. A cross-site request forgery vulnerability exists in Kliqqi version 3.0.0.5. The vulnerability stems from a WEB application that does not adequately validate that a request is coming from a trusted user. An attacker could use this vulnerability to send...

Cross site request forgery (csrf)

Kliqqi 3.0.0.5 allows CSRF with resultant Arbitrary File Upload because module.php?module=upload can be used to configure the uploading of .php files, and then modules/upload/uploadmain.php can be used for the upload itself...

CVE-2016-10756

Kliqqi 3.0.0.5 allows CSRF with resultant Arbitrary File Upload because module.php?module=upload can be used to configure the uploading of .php files, and then modules/upload/uploadmain.php can be used for the upload itself...

Security Bulletin: IBM Streams is affected by Open Source Apache Xerces-C XML parser Vulnerabilities (CVE-2016-0729)

Summary IBM Streams is affected by Open Source Apache Xerces-C XML parser Vulnerabilities. IBM Streams has addressed this vulnerability. Vulnerability Details CVEID: CVE-2016-0729 DESCRIPTION: Apache Xerces-C XML Parser library is vulnerable to a denial of service, caused by improper bounds...

Security Bulletin: Vulnerability in libxml2 affects IBM InfoSphere Streams. (CVE-2015-8710)

Summary There is a vulnerability in libxml2 that is used by IBM InfoSphere Streams. IBM InfoSphere Streams has addressed this vulnerability. Vulnerability Details CVE-ID: CVE-2015-8710 Description: Libxml2 is vulnerable to a denial of service, caused by an out-of-bounds memory access when parsing...