72 matches found
EUVD-2026-29429
Affected devices do not properly restrict access to the web browser via the Control Panel when no corresponding security mechanisms are in place. This could allow an unauthenticated attacker to gain unauthorized access to the web browser, potentially enabling the discovery of backdoors, performin...
CVE-2026-27662
Affected devices do not properly restrict access to the web browser via the Control Panel when no corresponding security mechanisms are in place. This could allow an unauthenticated attacker to gain unauthorized access to the web browser, potentially enabling the discovery of backdoors, performin...
CVE-2026-27662
Technical details are not publicly available in the provided documents. Monitor for updates on affected products, vulnerable components, and remediation.
Siemens SIMATIC
SUMMARY SIMATIC HMI Unified Comfort Panels before V21.0 are affected by a vulnerability that allows an unauthenticated attacker to access the web browser via the help link. This vulnerability allows an attacker to access the web browser through the Control Panel if it is not protected by the...
PT-2026-39987
Affected devices do not properly restrict access to the web browser via the Control Panel when no corresponding security mechanisms are in place. This could allow an unauthenticated attacker to gain unauthorized access to the web browser, potentially enabling the discovery of backdoors, performin...
Siemens SIMATIC HMI Comfort Panels 安全漏洞
Siemens SIMATIC HMI Comfort Panels are touchscreen devices produced by the German company Siemens. There are security vulnerabilities in Siemens SIMATIC HMI Comfort Panels. These vulnerabilities stem from improper restrictions on access to web browsers through the control panel. This allows...
GHSA-Q5FH-2HC8-F6RQ Ray dashboard DELETE endpoints allow unauthenticated browser-triggered DoS (Serve shutdown / job deletion)
Summary Ray’s dashboard HTTP server blocks browser-origin POST/PUT but does not cover DELETE, and key DELETE endpoints are unauthenticated by default. If the dashboard/agent is reachable e.g., --dashboard-host=0.0.0.0, a web page via DNS rebinding or same-network access can issue DELETE requests...
CVE-2023-49001
An issue in Indi Browser aka kvbrowser v.12.11.23 allows an attacker to bypass intended access restrictions via interaction with the com.example.gurry.kvbrowswer.webview component...
CVE-2021-31900
In JetBrains Code With Me bundled to the compatible IDE versions before 2021.1, a client could open a browser on a host...
EUVD-2025-33697
A vulnerability Cacheable SSL Page Found vulnerability has been identified in HCL AION. Cached data may expose credentials, system identifiers, or internal file paths to attackers with access to the device or browser This issue affects AION: 2.0...
EUVD-2018-14265
Malware in sbrugna...
EUVD-2009-5123
Malware in sbrugna...
EUVD-2017-17805
Malware in sbrugna...
EUVD-2007-6719
Malware in sbrugna...
EUVD-2024-34982
Malicious code in bioql PyPI...
EUVD-2024-32046
Malicious code in bioql PyPI...
CVE-2025-57601
AiKaan Cloud Controller uses a single hardcoded SSH private key and the username proxyuser for remote terminal access to all managed IoT/edge devices. When an administrator initiates "Open Remote Terminal" from the AiKaan dashboard, the controller sends this same static private key to the target...
Citrix Workspace App for MAC - Intermittent sign in failure, browser access works
Administrators may notice that the Mac end points intermittently fail sign into workspace app. Visiting the store via browser would work consistently...
GHSA-V6JV-P6R8-J78W NiceGUI On Air authentication issue
Summary Once a user logins to one browser, all other browsers are logged in without entering password. Even incognito mode. Impact high...
CVE-2024-20382
A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a browser that is accessing an affected...