137 matches found
Exploit for Improper Authentication in Adguard Adguardhome
CVE-2026-32136exploit - AdGuard Home h2c Upgrade Auth Bypass...
CVE-2025-31981
HCL BigFix Service Management SM Discovery is vulnerable to unenforced encryption due to port 80 HTTP being open, allowing unencrypted access. An attacker with access to the network traffic can sniff packets from the connection and uncover the data...
CVE-2025-31981
HCL BigFix Service Management (SM) Discovery is affected by unenforced encryption caused by HTTP port 80 being open. An attacker with network access can sniff unencrypted traffic, potentially exposing data (Confidentiality impact: LOW per CVSS). The provided documents do not specify a remediation...
CVE-2025-31981 HCL BigFix Service Management (SM) Discovery is vulnerable to unenforced encryption
HCL BigFix Service Management SM Discovery is vulnerable to unenforced encryption due to port 80 HTTP being open, allowing unencrypted access. An attacker with access to the network traffic can sniff packets from the connection and uncover the data...
CVE-2026-33472 Cryptomator Hub OAuth token exchange HTTP downgrade via getAuthority() scheme confusion (CVE-2026-32303 bypass)
Cryptomator is an open-source client-side encryption application for cloud storage. Version 1.19.1 contains a logic flaw in CheckHostTrustController.getAuthority that allows an attacker to bypass the security fix for CVE-2026-32303. The method hardcodes the URI scheme based on port number, causin...
CVE-2026-2491
Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Socomec DIRIS A-40 power monitoring devices. Authentication is not required to exploit this vulnerability. The specific flaw...
CVE-2026-2491 Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability
Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Socomec DIRIS A-40 power monitoring devices. Authentication is not required to exploit this vulnerability. The specific flaw...
CVE-2026-2491
The connected ZDI advisory ZDI-26-129 documents a vulnerability in Socomec DIRIS A-40 power monitoring devices: the HTTP API lacks authentication, allowing network-adjacent attackers to bypass authentication and access functionality over port 80. Impact: unauthorized access to API functions. Expl...
CVE-2026-2491 Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability
Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Socomec DIRIS A-40 power monitoring devices. Authentication is not required to exploit this vulnerability. The specific flaw...
Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Socomec DIRIS A-40 power monitoring devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web API implementation, which listens on TCP po...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002747)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002747 advisory. The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002928)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002928 advisory. The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic...
VulnCheck KEV: CVE-2020-27866
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100, and Nighthawk AC2400 routers. Authentication is not required to exploit this...
CVE-2025-10150
Webserver crash caused by scanning on TCP port 80 in Softing Industrial Automation GmbH gateways and switch.This issue affects smartLink HW-PN: from 1.02 through 1.03 smartLink HW-DP: 1.31...
CVE-2025-10150
Webserver crash caused by scanning on TCP port 80 in Softing Industrial Automation GmbH gateways and switch.This issue affects smartLink HW-PN: from 1.02 through 1.03 smartLink HW-DP: 1.31...
CVE-2025-10150 Webserver crash caused by scanning on TCP port 80
Webserver crash caused by scanning on TCP port 80 in Softing Industrial Automation GmbH gateways and switch.This issue affects smartLink HW-PN: from 1.02 through 1.03 smartLink HW-DP: 1.31...
CVE-2025-10150 Webserver crash caused by scanning on TCP port 80
Webserver crash caused by scanning on TCP port 80 in Softing Industrial Automation GmbH gateways and switch.This issue affects smartLink HW-PN: from 1.02 through 1.03 smartLink HW-DP: 1.31...
EUVD-2025-36438
Webserver crash caused by scanning on TCP port 80 in Softing Industrial Automation GmbH gateways and switch.This issue affects smartLink HW-PN: from 1.02 through 1.03 smartLink HW-DP: 1.31...
EUVD-2024-54998
Malicious code in bioql PyPI...
EUVD-2025-29046
Malicious code in bioql PyPI...