60 matches found
CVE-2026-8697 Improper Authentication Rate Limiting on TP-Link's Archer C64
Due to improper enforcement of authentication rate-limiting on a debug SSH service in Archer C64 v1, the SSH service allows unlimited authentication attempts and uses the same credentials as the web interface. This enables an attacker to brute-force valid credentials via SSH. Successful...
CVE-2025-32745
Dell PowerFlex Manager, versions =4.6.2, contains an Improper Certificate Validation vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Information tampering...
EUVD-2025-209921
Dell PowerFlex Manager, versions =4.6.2, contains an Improper Certificate Validation vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Information tampering...
CVE-2026-0233 Autonomous Digital Experience Manager: Improper validation of ADEM certificate
A certificate validation vulnerability in Palo Alto Networks Autonomous Digital Experience Manager on Windows allows an unauthenticated attacker with adjacent network access to execute arbitrary code with NT AUTHORITY\SYSTEM privileges...
CVE-2026-0233
A certificate validation vulnerability in Palo Alto Networks Autonomous Digital Experience Manager on Windows allows an unauthenticated attacker with adjacent network access to execute arbitrary code with NT AUTHORITY\SYSTEM privileges...
CVE-2026-0233 Autonomous Digital Experience Manager: Improper validation of ADEM certificate
A certificate validation vulnerability in Palo Alto Networks Autonomous Digital Experience Manager on Windows allows an unauthenticated attacker with adjacent network access to execute arbitrary code with NT AUTHORITY\SYSTEM privileges...
CVE-2019-25651
Ubiquiti UniFi Network Controller prior to 5.10.12 excluding 5.6.42, UAP FW prior to 4.0.6, UAP-AC, UAP-AC v2, and UAP-AC Outdoor FW prior to 3.8.17, USW FW prior to 4.0.6, USG FW prior to 4.4.34 uses AES-CBC encryption for device-to-controller communication, which contains cryptographic weakness...
PT-2026-28262
Ubiquiti UniFi Network Controller prior to 5.10.12 excluding 5.6.42, UAP FW prior to 4.0.6, UAP-AC, UAP-AC v2, and UAP-AC Outdoor FW prior to 3.8.17, USW FW prior to 4.0.6, USG FW prior to 4.4.34 uses AES-CBC encryption for device-to-controller communication, which contains cryptographic weakness...
CVE-2026-26945
Dell Integrated Dell Remote Access Controller 9, 14G versions prior to 7.00.00.181, 15G and 16G versions prior to 7.20.10.50 and Dell Integrated Dell Remote Access Controller 10, 17G versions prior to 1.20.25.00, contain a Process Control vulnerability. A high privileged attacker with adjacent...
CVE-2026-26945
Dell Integrated Dell Remote Access Controller 9, 14G versions prior to 7.00.00.181, 15G and 16G versions prior to 7.20.10.50 and Dell Integrated Dell Remote Access Controller 10, 17G versions prior to 1.20.25.00, contain a Process Control vulnerability. A high privileged attacker with adjacent...
CVE-2026-26945
Dell Integrated Dell Remote Access Controller 9, 14G versions prior to 7.00.00.181, 15G and 16G versions prior to 7.20.10.50 and Dell Integrated Dell Remote Access Controller 10, 17G versions prior to 1.20.25.00, contain a Process Control vulnerability. A high privileged attacker with adjacent...
PT-2026-26132
Dell Integrated Dell Remote Access Controller 9, 14G versions prior to 7.00.00.181, 15G and 16G versions prior to 7.20.10.50 and Dell Integrated Dell Remote Access Controller 10, 17G versions prior to 1.20.25.00, contain a Process Control vulnerability. A high privileged attacker with adjacent...
EUVD-2025-208431
A command injection vulnerability was identified in the web module of Archer AXE75 v1.6/v1.0 router. An authenticated attacker with adjacent-network access may be able to perform remote code execution RCE when the router is configured with sysmode=ap. Successful exploitation results in root-level...
CVE-2025-15568
A command injection vulnerability was identified in the web module of Archer AXE75 v1.6/v1.0 router. An authenticated attacker with adjacent-network access may be able to perform remote code execution RCE when the router is configured with sysmode=ap. Successful exploitation results in root-level...
CVE-2025-7375
A denial-of-service DoS vulnerability was identified in Omada EAP610 v3. An attacker with adjacent network access can send crafted requests to cause the device’s HTTP service to crash. This results in temporary service unavailability until the device is rebooted. This issue affects Omada EAP610...
CVE-2025-7375
A denial-of-service DoS vulnerability was identified in Omada EAP610 v3. An attacker with adjacent network access can send crafted requests to cause the device’s HTTP service to crash. This results in temporary service unavailability until the device is rebooted. This issue affects Omada EAP610...
CVE-2026-22281
Dell PowerScale OneFS, versions 9.5.0.0 through 9.5.1.5, versions 9.6.0.0 through 9.7.1.10, versions 9.8.0.0 through 9.10.1.3, versions starting from 9.11.0.0 and prior to 9.13.0.0, contains a Time-of-check Time-of-use TOCTOU race condition vulnerability. A low privileged attacker with adjacent...
CVE-2026-22281
Dell PowerScale OneFS, versions 9.5.0.0 through 9.5.1.5, versions 9.6.0.0 through 9.7.1.10, versions 9.8.0.0 through 9.10.1.3, versions starting from 9.11.0.0 and prior to 9.13.0.0, contains a Time-of-check Time-of-use TOCTOU race condition vulnerability. A low privileged attacker with adjacent...
PT-2025-46232
Name of the Vulnerable Software and Affected Versions SAP Business Connector affected versions not specified Description An OS Command Injection issue exists in SAP Business Connector. An authenticated attacker with administrative access and adjacent network access can upload specially crafted...
PT-2025-46438
Name of the Vulnerable Software and Affected Versions IntelR PROSet/Wireless WiFi Software for Windows versions prior to 23.160 Description An out-of-bounds write issue exists in IntelR PROSet/Wireless WiFi Software for Windows. This flaw, located within Ring 2: Device Drivers, could allow for a...