CVE-2025-40753

A vulnerability has been identified in POWER METER SICAM Q100 7KG9501-0AA01-0AA1 All versions = V2.60 = V2.60 = V2.60 = V2.60 = V2.70 V2.80. Affected devices export the password for the SMTP account as plain text in the Configuration File. This could allow an authenticated local attacker to extra...

CVE-2025-40753

A vulnerability has been identified in POWER METER SICAM Q100 7KG9501-0AA01-0AA1 All versions = V2.60 = V2.60 = V2.60 = V2.60 = V2.70 V2.80. Affected devices export the password for the SMTP account as plain text in the Configuration File. This could allow an authenticated local attacker to extra...

AXIS Device Manger 安全漏洞

AXIS Device Manger is an on-premise tool from Axis Sweden AXIS that provides a simple, cost-effective and secure way to perform device management. AXIS Device Manger has a security vulnerability that stems from insufficient validation of ACAP configuration file inputs, which could lead to the...

PT-2025-32656 · Siemens · Sicam Q100 +1

Name of the Vulnerable Software and Affected Versions: POWER METER SICAM Q100 versions 2.60 through 2.61 POWER METER SICAM Q200 versions 2.70 through 2.79 Description: Affected devices export the password for the SMTP account as plain text in the configuration file. This could allow an...

CVE-2025-8810 Tenda AC20 SetFirewallCfg strcpy stack-based overflow

A vulnerability classified as critical was found in Tenda AC20 16.03.08.05. Affected by this vulnerability is the function strcpy of the file /goform/SetFirewallCfg. The manipulation of the argument firewallEn leads to stack-based buffer overflow. The attack can be launched remotely. The exploit...

CVE-2025-8757

A vulnerability was found in TRENDnet TV-IP110WN 1.2.2 and classified as problematic. Affected by this issue is some unknown functionality of the file /server/boa.conf of the component Embedded Boa Web Server. The manipulation leads to least privilege violation. Local access is required to approa...

CVE-2025-8757 TRENDnet TV-IP110WN Embedded Boa Web Server boa.conf least privilege violation

A vulnerability was found in TRENDnet TV-IP110WN 1.2.2 and classified as problematic. Affected by this issue is some unknown functionality of the file /server/boa.conf of the component Embedded Boa Web Server. The manipulation leads to least privilege violation. Local access is required to approa...

TRENDnet TV-IP110WN 安全漏洞

The TRENDnet TV-IP110WN is a wireless webcam from Trendnet, Inc. A security vulnerability exists in TRENDnet TV-IP110WN version 1.2.2, which stems from a least privilege violation in the file /server/boa.conf...

CVE-2025-51055

Insecure Data Storage of credentials has been found in /apivedo/configuration/config.yml file in Vedo Suite version 2024.17. This file contains clear-text credentials, secret keys, and database information...

CVE-2025-51055

Insecure Data Storage of credentials has been found in /apivedo/configuration/config.yml file in Vedo Suite version 2024.17. This file contains clear-text credentials, secret keys, and database information...

Bottinelli Informatical Vedo Suite 安全漏洞

Bottinelli Informatical Vedo Suite is an enterprise software suite for the textile and design industry from Bottinelli Informatica, Italy. An information disclosure vulnerability exists in Bottinelli Informatical Vedo Suite, which stems from plaintext credentials stored in the...

CVE-2025-50460

A remote code execution RCE vulnerability exists in the ms-swift project version 3.3.0 due to unsafe deserialization in tests/run.py using yaml.load from the PyYAML library versions = 5.3.1. If an attacker can control the content of the YAML configuration file passed to the --runconfig parameter,...

CVE-2013-10036

A stack-based buffer overflow vulnerability exists in Beetel Connection Manager version PCWBTLINDV1.0.0B04 when parsing the UserName parameter in the NetConfig.ini configuration file. A crafted .ini file containing an overly long UserName value can overwrite the Structured Exception Handler SEH,...

CVE-2013-10036 Beetel Connection Manager NetConfig.ini Stack-Based Buffer Overflow

A stack-based buffer overflow vulnerability exists in Beetel Connection Manager version PCWBTLINDV1.0.0B04 when parsing the UserName parameter in the NetConfig.ini configuration file. A crafted .ini file containing an overly long UserName value can overwrite the Structured Exception Handler SEH,...

PT-2025-31534 · Undefined · Undefined

A stack-based buffer overflow vulnerability exists in Beetel Connection Manager version PCW BTLINDV1.0.0B04 when parsing the UserName parameter in the NetConfig.ini configuration file. A crafted .ini file containing an overly long UserName value can overwrite the Structured Exception Handler SEH,...

TP-Link Archer C50 router is vulnerable to configuration-file decryption

Overview The TP-Link Archer C50 router, which has reached End-of-Life EOL, contains a hardcoded encryption key in its firmware, enabling decryption of sensitive configuration files. This vulnerability allows attackers to trivially access administrative credentials, Wi-Fi passwords, and other...

PT-2025-31702

Name of the Vulnerable Software and Affected Versions Cursor versions 1.2.4 and earlier Description Cursor is a code editor designed for AI-assisted programming. A flaw, dubbed MCPoison CVE-2025-54136, allows attackers to achieve remote and persistent code execution. This is accomplished by...

CVE-2025-8182

A vulnerability has been found in Tenda AC18 15.03.05.19 and classified as problematic. This vulnerability affects unknown code of the file /etcro/smb.conf of the component Samba. The manipulation leads to weak password requirements. The attack can be initiated remotely. The complexity of an atta...

WWBN AVideo 安全漏洞

WWBN AVideo is a video platform builder written in PHP by the WWBN team. A security vulnerability exists in WWBN AVideo version 14.4, which stems from the presence of an incomplete blacklist in the .htaccess sample and could lead to the execution of arbitrary code...

CVE-2025-8069

During the AWS Client VPN client installation on Windows devices, the install process references the C:\usr\local\windows-x8664-openssl-localbuild\ssl directory location to fetch the OpenSSL configuration file. As a result, a non-admin user could place arbitrary code in the configuration file. If...