The vulnerability of the ABB PCM600 control and configuration device allows a intruder to gain access to user passwords.

The vulnerability of the ABB PCM600 control and configuration device lies in the storage of passwords in an unencrypted form. Exploiting this vulnerability could allow a malicious actor, operating locally, to gain access to the passwords of the IEC61850 OPC server by analyzing the System.xml...

The vulnerability of the microprogramming software in the Solar-Log photovoltaic system allows a remote attacker to gain unauthorized access to confidential information.

The vulnerability of the Microprogramming Software in the Solar-log photovoltaic system arises from the lack of password protection for CGI scripts used for data backup, restoration, and system configuration. Exploiting this vulnerability allows a malicious individual to gain unauthorized access ...

The vulnerability of the Serv-U File Server allows a remote attacker to obtain information about the system’s configuration and user authentication credentials.

The vulnerability of the Serv-U File Server software relates to errors that occur during the processing of application variables. Exploiting this vulnerability allows a malicious attacker to obtain system configuration information, including user authentication data...

Riverbed SteelCentral Default Credentials (SSH)

The remote Riverbed SteelCentral system is using known default credentials for the SSH login. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-late...

CVE-2016-1427

The System Configuration Protocol SCP core messaging interface in Cisco Prime Network Registrar 8.2 before 8.2.3.1 and 8.3 before 8.3.2 allows remote attackers to obtain sensitive information via crafted SCP messages, aka Bug ID CSCuv35694...

Cisco Prime Network Registrar System Configuration Protocol Information Disclosure Vulnerability

A vulnerability in the System Configuration Protocol SCP core messaging interface of the Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to access sensitive data. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability ...

The plant controller has a remote vulnerability and no patch-vulnerability warning-the black bar safety net

Power station use of an industrial control system has not patched the vulnerability, an attacker can remotely exploit it to gain network control. Remedy method? Turning off the function or replace the equipment. Power station use of an industrial control system has not patched the vulnerability, ...

An arbitrary file read vulnerability recorded-vulnerability warning-the black bar safety net

Black box testing Black-box testing found that an interface exist arbitrary file read vulnerability. ! "" The preferred determination is file read or file contains, because filegetcontent“/etc/passwd”include“/etc/passwd”black box view of the performance may be the same. And the file contains is c...

Pulse Connect Secure Cross-Site Scripting Vulnerability (CNVD-2016-03677)

Pulse Connect Secure aka PCS, formerly known as Juniper Junos Pulse is a suite of SSL VPN solutions from Pulse Secure, a US-based company. A cross-site scripting vulnerability exists in the system configuration section of the administrator user interface of PCS. A remote attacker could exploit th...

CVE-2016-4789

Cross-site scripting XSS vulnerability in the system configuration section in the administrative user interface in Pulse Connect Secure PCS 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r9, and 7.4 before 7.4r13.4 allows remote attackers to inject arbitrary web script or HTML via unspecified...

Ubiquiti Inc.: UniFi Video Server - Broken access control on system configuration

In UniFi Video Server prior to 3.7.0, an attacker with user permissions can download the Backup and Support files...

Cisco FirePower series firewall vulnerability that allows malware to bypass detection-vulnerability warning-the black bar safety net

CISCO FirePower series firewall devices there is a security vulnerability that allows malware to bypass detection mechanisms. Cisco is working to issue a security update program to a critical Vulnerability, CVE-2 0 1 6-1 3 4 5 the vulnerability affects Cisco one of the latest products-FirePower...

Exagrid Known Private Key Vulnerability (SSH) - Active Check

The Exagrid device is using a known SSH private key. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 22 : ca-certificates-2015.2.6-1.0.fc22 (2015-6fb2c59536)

This is an update to the set of CA certificates version 2.6 as released with NSS version 3.21 However, as in previous versions of the ca-certificates package, the CA list has been modified to keep several legacy CAs still trusted for compatibility reasons. Please refer to the project URL for...

Protecting Personal Information: Freedom Box

FreedomBox is a personal server that protects your privacy. It hosts on demand applications such as file sharing, shared calendaring, instant messaging, secure voice conference calling, blog and wiki. FreedomBox is a free software stack, a subset of the Debian universal operating system, that can...

Quagga Server No Password (TCP)

The remote Quagga server is not protected with a password. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:quagga:quagga"; if...

The vulnerability of the Android operating system allows a perpetrator to alter settings or circumvent security mechanisms, resetting them to factory settings.

The vulnerability of Android system configuration masters is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor, operating locally, to alter settings or bypass security measures, restoring them to their factory defaults...

Adcon A840 Telemetry Gateway 'adv' Default Credentials (Telnet)

The remote Adcon A840 Telemetry Gateway has default credentials set. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

RedHat Update for grub2 RHSA-2015:2623-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

HomeMatic Default Credentials (SSH)

The remote HomeMatic device is using known default credentials. SPDX-FileCopyrightText: 2015 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...