EUVD-2026-32276

Slican telephone exchanges allow administrative protocol authentication bypass. An attacker can bypass the need to enter login credentials by executing the appropriate command. This issue was fixed in versions below: - NCP: version 1.24.0250 - IPx series: version 6.61.0040 - CCT-1668: version...

CVE-2026-35087

Slican telephone exchanges allow administrative protocol authentication bypass. An attacker can bypass the need to enter login credentials by executing the appropriate command. This issue was fixed in versions below: - NCP: version 1.24.0250 - IPx series: version 6.61.0040 - CCT-1668: version...

CVE-2026-35089

In Slican telephone exchanges secure key is generated in a predictable manner using properties of the telephone exchange which can be obtained without authentication. An unauthenticated attacker can deduce the secure key and obtain admin credentials. This issue was fixed in versions below: - IPx...

CVE-2026-35089

Slican telephone exchanges expose admin credentials because the secure key is generated predictably from exchange properties without authentication. CVE-2026-35089 (and CVE-2026-35087) describe an unauthenticated path to deduce the secure key and gain admin access. Remediations (per affected entr...

PT-2026-43699

Slican telephone exchanges allow administrative protocol authentication bypass. An attacker can bypass the need to enter login credentials by executing the appropriate command. This issue was fixed in versions below: - NCP: version 1.24.0250 - IPx series: version 6.61.0040 - CCT-1668: version...

CVE-2026-6400

The Child Height Predictor by Ostheimer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 1.3. This is due to missing nonce verification in the options function, which handles plugin settings updates. The form template does not include a...

CVE-2010-0549

Unspecified vulnerability in the Network Controller in Xerox WorkCentre 6400 System Software 060.070.109.11407 through 060.070.109.29510, and Net Controller 060.079.11410 through 060.079.29310, allows remote attackers to access "directory structure" via a crafted PostScript file, aka "Unauthorize...

EUVD-2001-0742

Malware in sbrugna...

PT-2025-34889 · Cisco · Cisco Nx-Os +5

Name of the Vulnerable Software and Affected Versions: Cisco NX-OS Software for Cisco Nexus 3000 Series Switches Cisco Nexus 9000 Series Switches in standalone NX-OS mode Cisco UCS 6400 Fabric Interconnects Cisco UCS 6500 Series Fabric Interconnects Cisco UCS 9108 100G Fabric Interconnects affect...

CVE-2025-6400

A vulnerability was found in TOTOLINK N300RH 6.1c.1390B20191101 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formPortFw of the component HTTP POST Message Handler. The manipulation of the argument servicetype leads to buffer overflow. The...

CVE-2025-6400

creationtimestamp| type| source ---|---|--- 2025-06-21 05:46:51+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/19107 2025-06-21 06:01:00+00:00| published-proof-of-concept| Telegram/Xz-dgaIeS-JDgLhKkNvHwT3gdekjXfKp2PSl-1MceJrE2yw 2025-06-21 07:13:29+00:00| seen|...

CVE-2025-6400 TOTOLINK N300RH HTTP POST Message formPortFw buffer overflow

A vulnerability was found in TOTOLINK N300RH 6.1c.1390B20191101 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formPortFw of the component HTTP POST Message Handler. The manipulation of the argument servicetype leads to buffer overflow. The...

CVE-2025-6400

TOTOLINK N300RH (version 6.1c.1390_B20191101) contains a buffer overflow vulnerability in the HTTP POST Message Handler, specifically in /boafrm/formPortFw where the service_type argument can be manipulated to overflow memory. Several sources (NVD/CNVD/CNNVD) describe remote exploitation with hig...

CVE-2024-6400

Cleartext Storage of Sensitive Information, Exposure of Sensitive Information Through Data Queries vulnerability in Finrota Netahsilat allows Retrieve Embedded Sensitive Data, Authentication Bypass, IMAP/SMTP Command Injection, Collect Data from Common Resource Locations. This issue solved in...

CVE-2021-29148

A local cross-site scripting XSS vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series versions: Aruba AOS-CX firmware: 10.04.xxxx ...

CVE-2024-6400

creationtimestamp| type| source ---|---|--- 2024-10-04 15:12:00+00:00| seen| https://t.me/cvedetector/6971...

CVE-2024-6400 Cleartext Storage of Username and Password in Finrota's Netahsilat

Cleartext Storage of Sensitive Information, Exposure of Sensitive Information Through Data Queries vulnerability in Finrota Netahsilat allows Retrieve Embedded Sensitive Data, Authentication Bypass, IMAP/SMTP Command Injection, Collect Data from Common Resource Locations. This issue solved in...

CVE-2023-6400

Incorrect Authorization vulnerability in OpenText™ ZENworks Configuration Management ZCM allows Unauthorized Use of Device Resources.This issue affects ZENworks Configuration Management ZCM versions: 2020 update 3, 23.3, and 23.4...

CVE-2023-6400 Incorrect user authorization vulnerability on OpenText ZENworks Configuration Management (ZCM) product.

Incorrect Authorization vulnerability in OpenText™ ZENworks Configuration Management ZCM allows Unauthorized Use of Device Resources.This issue affects ZENworks Configuration Management ZCM versions: 2020 update 3, 23.3, and 23.4...

CVE-2023-6400 Incorrect user authorization vulnerability on OpenText ZENworks Configuration Management (ZCM) product.

Incorrect Authorization vulnerability in OpenText™ ZENworks Configuration Management ZCM allows Unauthorized Use of Device Resources.This issue affects ZENworks Configuration Management ZCM versions: 2020 update 3, 23.3, and 23.4...