
100 matches found

Zero Day Initiative
added 2026/03/16 12:0 a.m. | 1 views

Schneider Electric EcoStruxure Data Center Expert Hard-coded Password Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Data Center Expert. Authentication is required to exploit this vulnerability. The specific flaw exists within the postgres service, which listens on TCP port 5432 by...

8.8 CVSS | 6.2 AI score | 0.00506 EPSS
Exploits 0 | References 1

NVD
added 2026/02/19 8:25 p.m. | 3 views

CVE-2025-67304

In Ruckus Network Director RND 4.5.0.54, the OVA appliance contains hardcoded credentials for the ruckus PostgreSQL database user. In the default configuration, the PostgreSQL service is accessible over the network on TCP port 5432. An attacker can use the hardcoded credentials to authenticate...

9.8 CVSS | 0.00135 EPSS
Exploits 1 | References 2

Vulnrichment
added 2026/02/19 12:0 a.m. | 2 views

CVE-2025-67304

In Ruckus Network Director RND 4.5.0.54, the OVA appliance contains hardcoded credentials for the ruckus PostgreSQL database user. In the default configuration, the PostgreSQL service is accessible over the network on TCP port 5432. An attacker can use the hardcoded credentials to authenticate...

5.8 AI score | 0.00135 EPSS
Exploits 1 | References 2

Positive Technologies
added 2026/02/19 12:0 a.m. | 2 views

PT-2026-20922

Name of the Vulnerable Software and Affected Versions: Ruckus Network Director versions prior to 4.5.0.54. Description: Ruckus Network Director RND contains hardcoded credentials for the PostgreSQL database user. By default, the PostgreSQL service is accessible over the network on TCP port 5432. An...

9.8 CVSS | 5.7 AI score | 0.00135 EPSS
Exploits 1 | References 4

CVE
added 2026/02/19 12:0 a.m. | 5 views

CVE-2025-67304

CVE-2025-67304 affects Ruckus Network Director (RND)

9.8 CVSS | 6 AI score | 0.00135 EPSS
Exploits 1 | References 2 | Affected Software 1

Cvelist
added 2026/02/19 12:0 a.m. | 19 views

CVE-2025-67304

In Ruckus Network Director RND 4.5.0.54, the OVA appliance contains hardcoded credentials for the ruckus PostgreSQL database user. In the default configuration, the PostgreSQL service is accessible over the network on TCP port 5432. An attacker can use the hardcoded credentials to authenticate...

0.00135 EPSS
Exploits 1 | References 2

OSV
added 2025/11/02 4:47 p.m. | 1 views

MINI-9R33-C24M-5432

Bulletin has no description...

7.5 CVSS | 6.7 AI score | 0.00042 EPSS
Exploits 0

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2018-21551

Malware in sbrugna...

8.8 CVSS | 8.8 AI score | 0.00328 EPSS
Exploits 0 | References 3

Tenable Nessus
added 2025/08/27 12:0 a.m. | 1 views

Linux Distros Unpatched Vulnerability : CVE-2019-5432

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A specifically malformed MQTT Subscribe packet crashes MQTT Brokers using the mqtt-packet module versions 3.5.1, 4.0.0 - 4.1.3, 5.0.0 - 5.6.1, 6.0.0 - 6.1.2 for...

7.5 CVSS | 7.3 AI score | 0.00544 EPSS
Exploits 1 | References 2

RedhatCVE
added 2025/06/04 6:1 a.m. | 5 views

CVE-2025-5432

A vulnerability has been found in AssamLook CMS 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /viewtender.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed t...

9.8 CVSS | 7.2 AI score | 0.00136 EPSS
Exploits 1 | References 1

NVD
added 2025/06/02 6:15 a.m. | 10 views

CVE-2025-5432

A vulnerability has been found in AssamLook CMS 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /viewtender.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed t...

9.8 CVSS | 0.00136 EPSS
Exploits 1 | References 3

CVE
added 2025/06/02 6:0 a.m. | 70 views

CVE-2025-5432

CVE-2025-5432 affects AssamLook CMS v1.0. The vulnerability is a SQL injection in the /view_tender.php file triggered by manipulating the ID argument, enabling remote exploitation. Multiple sources confirm exploitable remote access and public disclosure, with vendor non-response noted in the prim...

9.8 CVSS | 7.5 AI score | 0.00136 EPSS
Exploits 1 | References 3 | Affected Software 1

Cvelist
added 2025/06/02 6:0 a.m. | 14 views

CVE-2025-5432 AssamLook CMS view_tender.php sql injection

A vulnerability has been found in AssamLook CMS 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /viewtender.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed t...

6.5 CVSS | 0.00136 EPSS
Exploits 1 | References 3

Vulnrichment
added 2025/06/02 6:0 a.m. | 6 views

CVE-2025-5432 AssamLook CMS view_tender.php sql injection

A vulnerability has been found in AssamLook CMS 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /viewtender.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed t...

6.5 CVSS | 7.2 AI score | 0.00136 EPSS
Exploits 1 | References 3

RedhatCVE
added 2025/05/23 4:31 a.m. | 7 views

CVE-2023-5432

The Jquery news ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'jquery-news-ticker' shortcode in versions up to, and including, 3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4 CVSS | 5.8 AI score | 0.00101 EPSS
Exploits 0 | References 1

RedhatCVE
added 2025/05/22 8:22 a.m. | 6 views

CVE-2019-5432

A specifically malformed MQTT Subscribe packet crashes MQTT Brokers using the mqtt-packet module versions 3.5.1, 4.0.0 - 4.1.3, 5.0.0 - 5.6.1, 6.0.0 - 6.1.2 for decoding...

7.5 CVSS | 6.8 AI score | 0.00544 EPSS
Exploits 1 | References 1

Tenable Nessus
added 2025/03/04 12:0 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2016-5432

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization RHEV Engine 4.0 allows local users to obtain sensitive database provisioning informati...

3.3 CVSS | 6.2 AI score | 0.00134 EPSS
Exploits 0 | References 1

Tenable Nessus
added 2025/03/04 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2017-5432

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability occurs during certain text input selection resulting in a potentially exploitable crash. This vulnerability affects Thunderbird...

9.8 CVSS | 7.5 AI score | 0.01915 EPSS
Exploits 0 | References 2

OSV
added 2024/10/21 9:15 p.m. | 0 views

CVE-2024-40087

Vilo 5 Mesh WiFi System = 5.16.1.33 is vulnerable to Insecure Permissions. Lack of authentication in the custom TCP service on port 5432 allows remote, unauthenticated attackers to gain administrative access over the router...

9.6 CVSS | 5.8 AI score | 0.00999 EPSS
Exploits 1 | References 2

NVD
added 2024/10/21 9:15 p.m. | 23 views

CVE-2024-40087

Vilo 5 Mesh WiFi System = 5.16.1.33 is vulnerable to Insecure Permissions. Lack of authentication in the custom TCP service on port 5432 allows remote, unauthenticated attackers to gain administrative access over the router...

9.6 CVSS | 0.00999 EPSS
Exploits 1 | References 2