
52 matches found

RedhatCVE
added 2 days ago | 4 views

CVE-2026-2400

CWE-93 Improper Neutralization of CRLF Sequences 'CRLF Injection' vulnerability exists that could cause application user credentials to reset when a Web Admin user alters the POST /setPCBEDesc request payload...

5.3 CVSS | 5.5 AI score | 0.00058 EPSS
Exploits 0 | References 1
Positive Technologies
added 2 days ago | 6 views

PT-2026-47013

Name of the Vulnerable Software and Affected Versions NetMan version 204 Description NetMan contains a hard-coded backdoor account with the username and password eurek that provides administrative access. A remote, unauthenticated attacker can authenticate through the "/cgi-bin/login.cgi" endpoin...

9.8 CVSS | 5.4 AI score | 0.00058 EPSS
Exploits 0 | References 7
Vulnrichment
added 2026/05/12 1:59 p.m. | 7 views

CVE-2026-6866 Initialization of a Resource with an Insecure Default vulnerability on EcoStruxure™ Panel Server

CWE-1188 Initialization of a Resource with an Insecure Default vulnerability exists that could cause unauthorized disclosure of sensitive information when credentials revert to initial settings in rare circumstances, enabling unauthorized authentication using known credentials...

8.2 CVSS | 5.8 AI score | 0.00062 EPSS
Exploits 0 | References 1
CNVD
added 2026/04/15 12:0 a.m. | 1 views

Schneider Electric PowerChute Serial Shutdown CRLF Injection Vulnerability

Schneider Electric PowerChute Serial Shutdown is a UPS management, normal shutdown and energy management software from Schneider Electric France. Schneider Electric PowerChute Serial Shutdown suffers from a CRLF injection vulnerability that stems from improper CRLF sequence neutralization, which...

5.3 CVSS | 5.5 AI score | 0.00058 EPSS
Exploits 0
Cvelist
added 2026/04/14 3:22 p.m. | 27 views

CVE-2026-2400

CWE-93 Improper Neutralization of CRLF Sequences 'CRLF Injection' vulnerability exists that could cause application user credentials to reset when a Web Admin user alters the POST /setPCBEDesc request payload...

5.3 CVSS | 0.00058 EPSS
Exploits 0 | References 1
CVE
added 2026/04/14 3:22 p.m. | 12 views

CVE-2026-2400

CVE-2026-2400 is tied to Schneider Electric PowerChute Serial Shutdown. The Nessus/PTSecurity entry confirms that PowerChute Serial Shutdown (pre-1.5) is affected by CRLF Injection via POST /setPCBEDesc, which could trigger credential resets for Web Admin users. The PTSecurity note states that af...

5.3 CVSS | 5.8 AI score | 0.00058 EPSS
Exploits 0 | References 1 | Affected Software 1
CNNVD
added 2026/04/14 12:0 a.m. | 3 views

Schneider Electric PowerChute Serial Shutdown Injection Vulnerability

Schneider Electric PowerChute Serial Shutdown is a UPS management, normal shutdown and energy management software from Schneider Electric France. Schneider Electric PowerChute Serial Shutdown suffers from a CRLF injection vulnerability that stems from improper CRLF sequence neutralization, which...

5.3 CVSS | 5.8 AI score | 0.00058 EPSS
Exploits 0 | References 1
OSV
added 2025/12/09 6:15 p.m. | 0 views

CVE-2025-59808

An unverified password change vulnerability CWE-620 vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.2, FortiSOAR PaaS 7.5.0 through 7.5.1, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.2, FortiSOAR on-premise 7.5.0 through 7.5....

6.8 CVSS | 5.8 AI score | 0.00051 EPSS
Exploits 0 | References 1
NVD
added 2025/12/09 6:15 p.m. | 1 views

CVE-2025-59808

An unverified password change vulnerability CWE-620 vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.2, FortiSOAR PaaS 7.5.0 through 7.5.1, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.2, FortiSOAR on-premise 7.5.0 through 7.5....

6.8 CVSS | 0.00051 EPSS
Exploits 0 | References 1
EUVD
added 2025/12/09 5:19 p.m. | 3 views

EUVD-2025-202272

An unverified password change vulnerability CWE-620 vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.2, FortiSOAR PaaS 7.5.0 through 7.5.1, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.2, FortiSOAR on-premise 7.5.0 through 7.5....

6.8 CVSS | 6.5 AI score | 0.00051 EPSS
Exploits 0 | References 2
Vulnrichment
added 2025/12/09 5:19 p.m. | 1 views

CVE-2025-59808

An unverified password change vulnerability CWE-620 vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.2, FortiSOAR PaaS 7.5.0 through 7.5.1, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.2, FortiSOAR on-premise 7.5.0 through 7.5....

6.8 CVSS | 6.6 AI score | 0.00051 EPSS
Exploits 0 | References 1
Positive Technologies
added 2025/12/09 12:0 a.m. | 2 views

PT-2025-50120

Name of the Vulnerable Software and Affected Versions Fortinet FortiSOAR PaaS versions 7.3 through 7.6.2 Fortinet FortiSOAR on-premise versions 7.3 through 7.6.2 Description An unverified password change issue exists that may allow an attacker with existing access to a user account to reset the...

6.8 CVSS | 6.7 AI score | 0.00051 EPSS
Exploits 0 | References 3
CNNVD
added 2025/12/09 12:0 a.m. | 2 views

Fortinet FortiSOAR PaaS and Fortinet FortiSOAR on-premise Security Vulnerability

Fortinet FortiSOAR PaaS and Fortinet FortiSOAR on-premise are both security orchestration, automation and response software from Fortinet, Inc. A security vulnerability exists in Fortinet FortiSOAR PaaS and Fortinet FortiSOAR on-premise that stems from insufficient password change validation, whi...

6.8 CVSS | 6.9 AI score | 0.00051 EPSS
Exploits 0 | References 1
The Hacker News
added 2025/10/09 1:48 p.m. | 5 views

Hackers Access SonicWall Cloud Firewall Backups, Spark Urgent Security Checks

SonicWall on Wednesday disclosed that an unauthorized party accessed firewall configuration backup files for all customers who have used the cloud backup service. "The files contain encrypted credentials and configuration data; while encryption remains in place, possession of these files could...

6.5 AI score
Exploits 0
EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2019-6141

Malware in sbrugna...

6.5 CVSS | 6.6 AI score | 0.00449 EPSS
Exploits 1 | References 6
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2017-3787

Malware in sbrugna...

8.8 CVSS | 8.8 AI score | 0.0092 EPSS
Exploits 0 | References 4
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2018-1036

Malware in sbrugna...

8.8 CVSS | 8.8 AI score | 0.0092 EPSS
Exploits 0 | References 4
EUVD
added 2025/10/03 8:7 p.m. | 1 views

EUVD-2025-22544

Malicious code in bioql PyPI...

9.8 CVSS | 6.5 AI score | 0.00716 EPSS
Exploits 0 | References 1
RedhatCVE
added 2025/07/26 9:23 p.m. | 5 views

CVE-2025-6260

The embedded web server on the thermostat listed version ranges contain a vulnerability that allows unauthenticated attackers, either on the local area network or from the Internet via a router with port forwarding set up, to gain direct access to the thermostat's embedded web server and reset us...

9.8 CVSS | 7.5 AI score | 0.00716 EPSS
Exploits 0 | References 1
NVD
added 2025/07/24 9:15 p.m. | 1 views

CVE-2025-6260

The embedded web server on the thermostat listed version ranges contain a vulnerability that allows unauthenticated attackers, either on the local area network or from the Internet via a router with port forwarding set up, to gain direct access to the thermostat's embedded web server and reset us...

9.8 CVSS | 0.00716 EPSS
Exploits 0 | References 1