146 matches found
TitanNit Web Control 2.01/Atemio 7600 - Remote Code Execution
The device contains a command injection caused by the 'getcommand' query in the application, letting unauthorized attackers execute system commands with root privileges, exploit requires attacker to send crafted requests. id: CVE-2024-9166 info: name: TitanNit Web Control 2.01/Atemio 7600 - Remot...
Orca Energija Orca heat pump security vulnerabilities
Orca Energija Orca heat pump is a series of air-to-water heat pump systems developed by Orca Energija. There are security vulnerabilities in Orca Energija Orca heat pumps. These vulnerabilities stem from the lack of authentication and plaintext data transmission. Combined with the absence of...
EUVD-2026-13840
Service information is not encrypted when transmitted as BACnet packets over the wire, and can be sniffed, intercepted, and modified by an attacker. Valuable information such as the File Start Position and File Data can be sniffed from network traffic using Wireshark's BACnet dissector filter. Th...
EPSON Printers Uncontrolled Search Path Element (CVE-2020-6091)
An exploitable authentication bypass vulnerability exists in the ESPON Web Control functionality of Epson EB-1470Ui MAIN: 98009273ESWWV107 MAIN2: 8X7325WWV303. A specially crafted series of HTTP requests can cause authentication bypass resulting in information disclosure. An attacker can send an...
CVE-2019-18419
A cross-site scripting XSS vulnerability in index.php in ClonOS WEB control panel 19.09 allows remote attackers to inject arbitrary web script or HTML via the lang parameter...
CVE-2019-18418
clonos.php in ClonOS WEB control panel 19.09 allows remote attackers to gain full access via change password requests because there is no session management...
PT-2025-50237
Name of the Vulnerable Software and Affected Versions COMMAX CVD-Axx DVR version 5.1.4 Description The COMMAX CVD-Axx DVR contains weak default administrative credentials, enabling remote password attacks and disclosure of RTSP streams. An attacker can exploit this by sending a POST request to an...
Automated Logic WebCtrl和Carrier i-Vu 安全漏洞
Automated Logic WebCtrl is a web-based building automation system server from Automated Logic, Inc. and Carrier i-Vu is a building management system platform from Carrier Corporation. A security vulnerability exists in Automated Logic WebCtrl and Carrier i-Vu prior to version 8.0, which stems fro...
CVE-2025-64310
EPSON WebConfig and Epson Web Control for SEIKO EPSON Projector Products do not restrict excessive authentication attempts. An administrative user's password may be identified through a brute force attack...
CVE-2025-64310
EPSON WebConfig and Epson Web Control for SEIKO EPSON Projector Products do not restrict excessive authentication attempts. An administrative user's password may be identified through a brute force attack...
CVE-2025-64310
EPSON WebConfig and Epson Web Control for SEIKO EPSON Projector Products do not restrict excessive authentication attempts. An administrative user's password may be identified through a brute force attack...
CVE-2025-64310
Affected products: EPSON WebConfig and Epson Web Control for SEIKO EPSON Projector Products. Issue: unlimited authentication attempts allow brute force to identify an administrative password (CWE-307). Impact: high risk to confidentiality, integrity, and availability as per CVSS vectors in the co...
SEIKO EPSON Web Config和SEIKO EPSON Web Control 安全漏洞
SEIKO EPSON Web Config and SEIKO EPSON Web Control are both products of SEIKO EPSON Corporation, Japan.SEIKO EPSON Web Config is a Web configuration page.SEIKO EPSON Web Control is a Web management page. A security vulnerability exists in SEIKO EPSON Web Config and SEIKO EPSON Web Control that...
PT-2025-47659
Name of the Vulnerable Software and Affected Versions EPSON WebConfig and Epson Web Control for SEIKO EPSON Projector Products affected versions not specified Description The software does not limit the number of authentication attempts, potentially allowing an attacker to identify an...
CVE-2024-8527
CVE-2024-8527 affects Automated Logic WebCTRL and Carrier i-Vu, versions 6.0–9.0. The weakness is an open redirect triggered by a user-supplied URL parameter (e.g., unvalidated wbs parameter), which could enable an attacker to redirect victims to a malicious site or exploit user sessions. Documen...
Automated Logic WebCtrl和Carrier i-Vu 安全漏洞
Automated Logic WebCtrl is a server for web-based building automation systems from Automated Logic, Inc. and Carrier i-Vu is a building management system platform from Carrier Corporation. A security vulnerability exists in Automated Logic WebCtrl and Carrier i-Vu that stems from the presence of ...
编号撤回
WatchGuard Firebox is a WatchGuard company that provides comprehensive network security services, from traditional IPS and GAV to web site/application control and malicious software prevention. This CVE number has been withdrawn...
EUVD-2016-0882
Malware in sbrugna...
EUVD-2016-3356
Malware in sbrugna...
EUVD-2019-6539
Malware in sbrugna...