9 matches found
SonicWall Urges Password Resets After Cloud Backup Breach Affecting Under 5% of Customers
SonicWall is urging customers to reset credentials after their firewall configuration backup files were exposed in a security breach impacting MySonicWall accounts. The company said it recently detected suspicious activity targeting the cloud backup service for firewalls, and that unknown threat...
PT-2025-23119 · M2Soft · M2Soft Crownix Report & Ers
Name of the Vulnerable Software and Affected Versions: M2Soft CROWNIX Report & ERS versions 5.x through 5.5.14.1070; M2Soft CROWNIX Report & ERS versions 7.x through 7.4.3.960; M2Soft CROWNIX Report & ERS versions 8.x through 8.2.0.345. Description: An arbitrary file upload issue allows attackers to...
PT-2025-17552 · Totolink · Totolink A810R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A810R version 4.1.2cu.5182 B20201026. Description: A buffer overflow issue was discovered in the cstecgi.cgi of the TOTOLINK A810R. Recommendations: For version 4.1.2cu.5182 B20201026, as a temporary workaround, consider disabling...
GHSA-J757-PF57-F8R4 Gradio performs a non-constant-time comparison when comparing hashes
Impact: What kind of vulnerability is it? Who is impacted? This vulnerability involves a timing attack in the way Gradio compares hashes for the analyticsdashboard function. Since the comparison is not done in constant time, an attacker could exploit this by measuring the response time of differen...
PT-2024-27680 · Xinhu · Rockoa
Name of the Vulnerable Software and Affected Versions: Xinhu RockOA version 2.6.3. Description: A reflected cross-site scripting (XSS) issue was found in the /kaoqin/tpl kaoqin locationchange.html component. Recommendations: For version 2.6.3, consider disabling access to the /kaoqin/tpl kaoqin...
PT-2023-30513 · Relyum · Rely-Rec +1
Name of the Vulnerable Software and Affected Versions: Relyum RELY-PCIe version 22.2.1; Relyum RELY-REC version 23.1.0. Description: The issue is related to Cross-Site Request Forgery (CSRF) attacks, which can be launched against the devices due to the absence of CSRF protection in the web interface...
PT-2022-27443 · Unknown · Web-Based Student Clearance System
Name of the Vulnerable Software and Affected Versions: Web-Based Student Clearance System version 1.0. Description: The Web-Based Student Clearance System contains a cross-site scripting (XSS) issue in the /Admin/add-student.php endpoint. This allows attackers to execute arbitrary web scripts or HTM...
PT-2017-17643 · Rancher · Rancher Server
Name of the Vulnerable Software and Affected Versions: Rancher Labs rancher server versions 1.2.0 through 1.2.3; Rancher Labs rancher server versions 1.3.0 through 1.3.4; Rancher Labs rancher server versions 1.4.0 through 1.4.2; Rancher Labs rancher server versions 1.5.0 through 1.5.2. Description: T...
tbmnetcms-lfi.txt
TBmnetCMS v1.0 index.php?content Local File Inclusion Vulnerability http://www.tbmnet.de...