9804 matches found
CVE-2025-71318
CVE-2025-71318 concerns NetMan 204, where authentication is not enforced on administrative pages and command endpoints. A remote, unauthenticated attacker can directly access pages (e.g., administration.html, administration-commands.html, configuration.html) to disclose sensitive details such as ...
EUVD-2025-210079
NetMan 204 fails to enforce authentication on its administrative pages and command endpoints. A remote, unauthenticated attacker can directly request administrative pages such as administration.html, administration-commands.html, and configuration.html to disclose sensitive information including...
[SECURITY] Fedora 43 Update: freeipa-4.13.1-7.fc43
IPA is an integrated solution to provide centrally managed Identity users, hosts, services, Authentication SSO, 2FA, and Authorization host access control, SELinux user roles, services. The solution provides features for further integration with Linux based clients SUDO, automount and integration...
SUSE CVE-2026-50031
ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system managemen...
PT-2026-47014
Name of the Vulnerable Software and Affected Versions NetMan 204 affected versions not specified Description Authentication is not enforced on administrative pages and command endpoints. A remote, unauthenticated attacker can directly request pages such as 'administration.html',...
EUVD-2026-34212
Overly permissive configuration settings on cloud storage containers expose active telemetry information publicly to the internet...
EUVD-2026-34183
Active IQ Config Advisor version 6.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations...
EUVD-2026-34184
Active IQ OneCollect version 2.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations...
CVE-2026-22055
Active IQ OneCollect version 2.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations...
CVE-2026-22055
Active IQ OneCollect version 2.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations...
CVE-2026-22055
Active IQ OneCollect version 2.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations...
CVE-2026-22054
Active IQ Config Advisor version 6.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations...
CVE-2026-22054
Active IQ Config Advisor version 6.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations...
Attackers Actively Exploiting Critical Vulnerability in Everest Forms Pro Plugin
On March 30th, 2026, we publicly disclosed a critical Remote Code Execution vulnerability in Everest Forms Pro, a WordPress plugin with an estimated 4,000 active installations. This vulnerability can be leveraged by unauthenticated attackers to execute arbitrary PHP code on the server, leading to...
CVE-2026-7312
CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from 14.0.7700 to 14.4.8152, and 15.0.8200 to 15.0.8234, and 15.1.8300 to 15.1.8335, 15.2.8400 to 15.2.8441, 15.3.8500 to 15.3.8531, and 15.4.8600 to 15.4.8630 allows a remote unauthenticated attacker to...
PT-2026-46069
Name of the Vulnerable Software and Affected Versions Active IQ OneCollect version 2.7.3 Description Hard-coded credentials exist within the software, which could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations. Recommendations At the moment, the...
PT-2026-45902
Name of the Vulnerable Software and Affected Versions FreeIPMI versions prior to 1.16.18 Description The ipmi-oem client command, which implements Intelligent Platform Management Interface IPMI OEM commands for specific hardware vendors, contains buffer overflows on response messages. This issue...
FreeIPMI 安全漏洞
FreeIPMI is an open-source server remote management toolset provided by FreeIPMI, which offers features for managing and monitoring IPMI interfaces. Versions of FreeIPMI prior to 1.6.18 contained security vulnerabilities. These vulnerabilities stemmed from buffer overflows in the response message...
NetApp Active IQ OneCollect 安全漏洞
NetApp Active IQ OneCollect is a platform provided by the US-based NetApp company that collects, analyzes, and validates diagnostic data from storage infrastructure. Version 2.7.3 of NetApp Active IQ OneCollect contains a security vulnerability. This vulnerability stems from the use of hardcoded...
Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited
Google on Monday released patches for 124 security vulnerabilities impacting its Android operating system for the month of June 2026, including one high-severity flaw in the Framework component that has come under active exploitation. Tracked as CVE-2025-48595 CVSS score: 8.4, the security flaw h...