1861 matches found
CVE-2026-29521
Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a cross-site request forgery vulnerability that allows attackers to modify device configuration by exploiting missing CSRF protections in setup.cgi. Attackers can host malicious pages that submit forged requests using...
CVE-2026-29521
CVE-2026-29521 affects Hereta ETH-IMC408M devices with firmware 1.0.15 and earlier, where missing CSRF protections in setup.cgi allow cross-site request forgery. An attacker hosting malicious pages can submit forged requests using automatically-included HTTP Basic Authentication credentials to mo...
CVE-2026-29521 Hereta ETH-IMC408M CSRF via Configuration Setup
Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a cross-site request forgery vulnerability that allows attackers to modify device configuration by exploiting missing CSRF protections in setup.cgi. Attackers can host malicious pages that submit forged requests using...
PT-2026-25784
Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a cross-site request forgery vulnerability that allows attackers to modify device configuration by exploiting missing CSRF protections in setup.cgi. Attackers can host malicious pages that submit forged requests using...
CVE-2026-28543
Race condition vulnerability in the maintenance and diagnostics module. Impact: Successful exploitation of this vulnerability may affect availability...
EUVD-2026-9803
Race condition vulnerability in the maintenance and diagnostics module. Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2026-28543
Race condition vulnerability in the maintenance and diagnostics module. Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2026-28543
Race condition vulnerability in the maintenance and diagnostics module. Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2026-28543
Race condition vulnerability in the maintenance and diagnostics module. Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2026-28543
Race condition vulnerability in the maintenance and diagnostics module. Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2026-28543
Race condition vulnerability in the maintenance and diagnostics module. Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2026-28543
Technical details about CVE-2026-28543 are not publicly available in the provided documents. Monitor for updates from Huawei bulletins and relevant security advisories.
PT-2026-23423
Race condition vulnerability in the maintenance and diagnostics module. Impact: Successful exploitation of this vulnerability may affect availability...
Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics installed IBM WebSphere Application Server traditional which is affected by a denial of service due to jose4j.
Summary The security issue described in CVE-2024-29371 has been identified in the WebSphere Application Server traditional included as part of IBM Tivoli Composite Application Manager for Application Diagnostics. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixe...
Honeywell Trend IQ4xx BMS Controller Unauthenticated Remote Web-HMI Control And Lockout
Summary The Honeywell IQ4 Trend IQ4 is a line of intelligent building-management controllers designed to provide advanced unitary control, HVAC integration, and scalable I/O expansion for commercial environments. These controllers use Ethernet and TCP/IP networking with embedded XML, support BACn...
Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics installed IBM WebSphere Application Server traditional which could provide weaker than expected security.
Summary The security issue described in CVE-2025-13333 has been identified in the WebSphere Application Server traditional included as part of IBM Tivoli Composite Application Manager for Application Diagnostics. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixe...
CVE-2026-25857
Tenda G300-F router firmware version 16.01.14.2 and prior contain an OS command injection vulnerability in the WAN diagnostic functionality formSetWanDiag. The implementation constructs a shell command that invokes curl and incorporates attacker-controlled input into the command line without...
CVE-2026-23106
In the Linux kernel, the following vulnerability has been resolved: timekeeping: Adjust the leap state for the correct auxiliary timekeeper When doajdtimex was introduced to handle adjtimex for any timekeeper, this reference to tkcore was not updated. When called on an auxiliary timekeeper, the...
UBUNTU-CVE-2026-23106
In the Linux kernel, the following vulnerability has been resolved: timekeeping: Adjust the leap state for the correct auxiliary timekeeper When doajdtimex was introduced to handle adjtimex for any timekeeper, this reference to tkcore was not updated. When called on an auxiliary timekeeper, the...
CVE-2026-20987
Improper input validation in GalaxyDiagnostics prior to version 3.5.050 allows local privileged attackers to execute privileged commands...