CVE-2026-50226

Fixed AES-128-CBC keys inside the AcerConnect OTA application let attackers forge authorization credentials for arbitrary IMEI numbers. This allows unauthorized actors to list catalog items and extract protected binaries from pre-signed cloud links...

CVE-2025-67508 gardenctl is vulnerable to Command Injection when used with non‑POSIX shells

gardenctl is a command-line client for the Gardener which configures access to clusters and cloud provider CLI tools. When using non‑POSIX shells such as Fish and PowerShell, versions 2.11.0 and below of gardenctl allow an attacker with administrative privileges for a Gardener project to craft...

CVE-2025-67508

CVE-2025-67508 affects gardenctl-v2 (gardenctl) ≤ 2.11.0. When used with non-POSIX shells (e.g., Fish, PowerShell), an attacker with administrative Gardener project privileges can craft malicious credential values that cause infrastructure Secret objects to break out of string context, enabling c...

CVE-2023-20238

A vulnerability in the single sign-on SSO implementation of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to forge the credentials required to access an affected system. This vulnerability is due to th...

The vulnerability of the SmartCard Authentication component in the SolarWinds DameWare Mini Remote Control software allows a intruder to execute arbitrary codes.

The vulnerability of the SmartCard Authentication component in the SolarWinds DameWare Mini Remote Control software lies in the lack of a proper mechanism for verifying the source of the credential. Exploiting this vulnerability could allow an attacker to execute arbitrary commands by sending a...

CVE-2023-20238

A vulnerability in the single sign-on SSO implementation of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to forge the credentials required to access an affected system. This vulnerability is due to th...

Design/Logic Flaw

A vulnerability in the single sign-on SSO implementation of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to forge the credentials required to access an affected system. This vulnerability is due to th...

PT-2023-4831 · Cisco · Cisco Broadworks Application Delivery Platform +1

Name of the Vulnerable Software and Affected Versions: Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform affected versions not specified Description: A vulnerability in the single sign-on SSO implementation of the affected platforms could allow an...

OPC UA .NET Standard Stack 授权问题漏洞

NET Standard Stack is an open source C++ framework from the OPC Foundation in the United States. NET Standard Stack is an open source C++ framework used by the OPC Foundation of the United States for developing and distributing OPC UA client/server applications. NET Standard Stack has a security...