360 matches found
CVE-2026-23564 Transmission of Unencrypted Data in Content Distribution Service
A vulnerability in TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an attacker on the adjacent network to cause normally encrypted UDP traffic to be sent in cleartext. This can result in disclosure of sensitive informatio...
OctoPrint security vulnerabilities
OctoPrint is an open-source application developed by OctoPrint. It provides a quick web interface for controlling consumer-grade 3D printers. Versions of OctoPrint prior to 1.11.5 have security vulnerabilities. These vulnerabilities stem from the use of character-based comparisons in API key...
CVE-2026-0767 Open WebUI Cleartext Transmission of Credentials Information Disclosure Vulnerability
Open WebUI Cleartext Transmission of Credentials Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Open WebUI. Authentication is not required to exploit this vulnerability. The specific flaw...
CVE-2026-0767 Open WebUI Cleartext Transmission of Credentials Information Disclosure Vulnerability
Open WebUI Cleartext Transmission of Credentials Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Open WebUI. Authentication is not required to exploit this vulnerability. The specific flaw...
PT-2026-3791
Name of the Vulnerable Software and Affected Versions TP-Link Archer C20 versions prior to V6 251031 TP-Link Archer AX53 version prior to V1 251215 Description A logic issue exists in the TDDP module of TP-Link Archer C20 v6.0 and Archer AX53 v1.0. An unauthenticated attacker on an adjacent netwo...
AZL-74943 CVE-2026-21968 affecting package mysql for versions less than 8.0.45-1
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQ...
B&R Automation Runtime security vulnerabilities
B&R Automation Runtime is an automation runtime provided by B&R Automation Inc. Versions prior to B&R Automation Runtime 6.5 and R4.93 contained security vulnerabilities. These vulnerabilities stemmed from unlimited resource allocation or throttling in the ANSL-server component, which could allow...
CVE-2025-14233
Invalid free in CPCA file deletion processing on Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. : Satera LBP670C Series/Satera MF750C Series firmware v06.02...
Canon’s various products have security vulnerabilities
Canon ImageRunner is a product of the Japanese company Canon. Canon ImageRunner is a series of all-in-one black-and-white printers. Canon imagePROGRAF is a large-format printer. Canon imageCLASS MF644Cdw is a smart and efficient 3-in-1 color multifunctional printer. Several Canon products have...
CVE-2025-14235
Canon Small Office Multifunction Printers and Laser Printers are affected by CVE-2025-14235 due to a buffer overflow in XPS font fpgm data processing. A remote attacker on the network could trigger a crash or arbitrary code execution. Affected firmware: v06.02 and earlier across listed models (Ja...
CVE-2026-0408
A path traversal vulnerability in NETGEAR WiFi range extenders allows an attacker with LAN authentication to access the router's IP and review the contents of the dynamically generated webproc file, which records the username and password submitted to the router GUI...
CVE-2026-0406
An insufficient input validation vulnerability in the NETGEAR XR1000v2 allows attackers connected to the router's LAN to execute OS command injections...
CVE-2026-0406 Insufficient input validation in NETGEAR Nighthawk router XR1000v2
An insufficient input validation vulnerability in the NETGEAR XR1000v2 allows attackers connected to the router's LAN to execute OS command injections...
CVE-2026-22080
CVE-2026-22080 affects Tenda 300Mbps Wireless Router F3 and N300 Easy Setup Router. The root cause is credentials transmitted with reversible Base64 encoding via the web-based management interface. An attacker on the same network can intercept traffic to capture the Base64-encoded credentials, po...
CVE-2026-22079 Cleartext Transmission Vulnerability in Tenda Wireless Routers
This vulnerability exists in Tenda wireless routers 300Mbps Wireless Router F3 and N300 Easy Setup Router due to the plaintext transmission of login credentials during the initial login or post-factory reset setup through the web-based administrative interface. An attacker on the same network cou...
CVE-2017-12736
After initial configuration, the Ruggedcom Discovery Protocol RCDP is still able to write to the device under certain conditions. This could allow an attacker located in the adjacent network of the targeted device to perform unauthorized administrative actions...
CVE-2025-59886
Improper input validation at one of the endpoints of Eaton xComfort ECI's web interface, could lead into an attacker with network access to the device executing privileged user commands. As cybersecurity standards continue to evolve and to meet our requirements today, Eaton has decided to...
CVE-2025-36751
CVE-2025-36751 affects Growatt ShineLan-X and MIC 3300TL-X. The root cause is missing encryption on the configuration interface, enabling an attacker with network access to intercept and potentially manipulate the communication between the inverter and its cloud endpoint. The available connected ...
EUVD-2025-202237
User interface ui misrepresentation of critical information in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...
CVE-2025-40941
A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0.1. The affected devices exposes server information in its responses. This could allow an attacker with network access to gain useful information, increasing the likelihood of targeted attacks...