2818 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-6132
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Bento4 v1.5.1-627. There is a memory leak in AP4DescriptorFactory::CreateDescriptorFromStream in Core/Ap4DescriptorFactory.cpp when...
CVE-2025-40594
A vulnerability has been identified in SINAMICS G220 V6.4 All versions V6.4 HF2, SINAMICS S200 V6.4 All versions V6.4 HF7, SINAMICS S210 V6.4 All versions V6.4 HF2. The affected devices allow a factory reset to be executed without the required privileges due to improper privilege management as we...
CVE-2025-40594
A vulnerability has been identified in SINAMICS G220 V6.4 All versions V6.4 HF2, SINAMICS S200 V6.4 All versions V6.4 HF7, SINAMICS S210 V6.4 All versions V6.4 HF2. The affected devices allow a factory reset to be executed without the required privileges due to improper privilege management as we...
CVE-2025-40594
A vulnerability has been identified in SINAMICS G220 V6.4 All versions V6.4 HF2, SINAMICS S200 V6.4 All versions V6.4 HF7, SINAMICS S210 V6.4 All versions V6.4 HF2. The affected devices allow a factory reset to be executed without the required privileges due to improper privilege management as we...
PT-2025-36679
Name of the Vulnerable Software and Affected Versions: SINAMICS G220 versions prior to 6.4 HF2 SINAMICS S200 version 6.4 SINAMICS S210 versions prior to 6.4 HF2 Description: The affected devices allow a factory reset to be executed without the required privileges due to improper privilege...
CVE-2025-26419
In initPhoneSwitch of SystemSettingsFragment.java, there is a possible FRP bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2025-26419
In initPhoneSwitch of SystemSettingsFragment.java, there is a possible FRP bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2025-22414
In FrpBypassAlertActivity of FrpBypassAlertActivity.java, there is a possible way to bypass FRP due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-26419
CVE-2025-26419 affects the Wear OS/Android component SystemSettingsFragment.java (initPhoneSwitch). A logic error enables a Factory Reset Protection (FRP) bypass, potentially allowing local elevation of privilege. Exploitation requires user interaction; no additional execution privileges are need...
CVE-2025-26419
In initPhoneSwitch of SystemSettingsFragment.java, there is a possible FRP bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2025-26419
In initPhoneSwitch of SystemSettingsFragment.java, there is a possible FRP bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2025-22414
In FrpBypassAlertActivity of FrpBypassAlertActivity.java, there is a possible way to bypass FRP due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-22414
In FrpBypassAlertActivity of FrpBypassAlertActivity.java, there is a possible way to bypass FRP due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-22414
CVE-2025-22414 concerns a local elevation of privilege in FrpBypassAlertActivity.java due to a missing permission check, enabling FRP bypass without user interaction. Public sources identify the Wear OS/System component context and classify the issue as High severity with local access required (A...
PT-2025-36085
Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: A missing permission check in FrpBypassAlertActivity of FrpBypassAlertActivity.java may allow bypass of Factory Reset Protection FRP. This could lead to local privilege escalation without...
PT-2025-36088
Name of the Vulnerable Software and Affected Versions: SystemSettingsFragment.java affected versions not specified Description: A logic error exists in the initPhoneSwitch function within SystemSettingsFragment.java. This issue may lead to a Factory Reset Protection FRP bypass, potentially...
VulnCheck KEV: CVE-2020-24363
TP-Link TL-WA855RE V5 20200415-rel37464 devices allow an unauthenticated attacker on the same network to submit a TDDPRESET POST request for a factory reset and reboot. The attacker can then obtain incorrect access control by setting a new administrative password...
TP-link TL-WA855RE Missing Authentication for Critical Function Vulnerability
TP-link TL-WA855RE contains a missing authentication for critical function vulnerability. This vulnerability could allow an unauthenticated attacker on the same network to submit a TDDPRESET POST request for a factory reset and reboot. The attacker can then obtain incorrect access control by...
CVE-2025-52130
File upload vulnerability in WebErpMesv2 1.17 in the app/Http/Controllers/FactoryController.php controller. This flaw allows an authenticated attacker to upload arbitrary files, including PHP scripts, which can be accessed via direct GET requests, potentially resulting in remote code execution RC...
CVE-2025-52130
File upload vulnerability in WebErpMesv2 1.17 in the app/Http/Controllers/FactoryController.php controller. This flaw allows an authenticated attacker to upload arbitrary files, including PHP scripts, which can be accessed via direct GET requests, potentially resulting in remote code execution RC...