532 matches found
CVE-2025-67114
Use of a deterministic credential generation algorithm in /ftl/bin/calcf2 in Small Cell Sercomm SCE4255W FreedomFi Englewood firmware before DG3934v3@2308041842 allows remote attackers to derive valid administrative/root credentials from the device's MAC address, enabling authentication bypass an...
PT-2026-26319
Use of a deterministic credential generation algorithm in /ftl/bin/calc f2 in Small Cell Sercomm SCE4255W FreedomFi Englewood firmware before DG3934v3@2308041842 allows remote attackers to derive valid administrative/root credentials from the device's MAC address, enabling authentication bypass a...
CVE-2025-67114
Use of a deterministic credential generation algorithm in /ftl/bin/calcf2 in Small Cell Sercomm SCE4255W FreedomFi Englewood firmware before DG3934v3@2308041842 allows remote attackers to derive valid administrative/root credentials from the device's MAC address, enabling authentication bypass an...
EUVD-2025-208224
Cleartext Storage of Sensitive Information CWE-312 in the Command Centre Mobile Client on Android and iOS could allow an attacker with access to a logged-in Operator's mobile device to extract the session token and exploit access for a limited duration. This issue affects Command Centre Mobile...
CVE-2022-50975
An unauthenticated remote attacker is able to use an existing session id of a logged in user and gain full access to the device if configuration via ethernet is enabled...
CVE-2022-50975
An unauthenticated remote attacker is able to use an existing session id of a logged in user and gain full access to the device if configuration via ethernet is enabled...
CVE-2022-50975 Multiple Innomic VibroLine VLX and avibia AVLX allow unauthenticated access to device configuration
An unauthenticated remote attacker is able to use an existing session id of a logged in user and gain full access to the device if configuration via ethernet is enabled...
CVE-2022-50975
An unauthenticated remote attacker is able to use an existing session id of a logged in user and gain full access to the device if configuration via ethernet is enabled...
Innomic VibroLine Series 访问控制错误漏洞
The Innomic VibroLine Series is a professional vibration measurement and analysis system developed by the German company Innomic. The Innomic VibroLine Series contains a security access control vulnerability. This vulnerability arises from the possibility for unverified remote attackers to use th...
PT-2026-5662
An unauthenticated remote attacker is able to use an existing session id of a logged in user and gain full access to the device if configuration via ethernet is enabled...
Hubitat Elevation security vulnerability
Hubitat Elevation is a localized smart home control system developed by Hubitat Inc. Versions prior to Hubitat Elevation 2.4.2.157 contained security vulnerabilities. These vulnerabilities were caused by user-controllable keys that allowed unauthorized access, potentially allowing remote...
Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-26950)
The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26950 advisory. - In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: access devic...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001596)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001596 advisory. A race condition was found in the Linux kernels implementation of the floppy disk drive controller driver software. The impact of this issue is lessened by the fact...
CVE-2026-22911
The CVE-2026-22911 issue concerns firmware update files that may expose password hashes for system accounts, enabling a remote attacker to recover credentials and gain unauthorized access to the device. Public references identify this as impacting SICK TDC-X401GL (and related advisories), with th...
CVE-2026-22911
Firmware update files may expose password hashes for system accounts, which could allow a remote attacker to recover credentials and gain unauthorized access to the device...
PT-2026-2992
Name of the Vulnerable Software and Affected Versions Affected versions not specified Description Firmware update files may reveal password hashes for system accounts. A remote attacker could potentially recover credentials and obtain unauthorized access to the device. Recommendations At the...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002148)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002148 advisory. The kvmapichasevents function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service NULL pointer dereference and...
CVE-2021-33716
A vulnerability has been identified in SIMATIC CP 1543-1 incl. SIPLUS variants All versions V3.0, SIMATIC CP 1545-1 All versions V1.1. An attacker with access to the subnet of the affected device could retrieve sensitive information stored in cleartext...
PT-2026-1252
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to Network File System NFS automounting. Specifically, automounted filesystems do not consistently inherit superblock mount options like read-on...
CVE-2025-3646
Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an authorization bypass vulnerability that allows unauthorized users to add users as shared owners to any device by exploiting missing permission checks. Attackers can send requests to the device share API to gain unauthorized acce...