CVE-2019-14665

Brandy 1.20.1 has a heap-based buffer overflow in definearray in variables.c via crafted BASIC source code...

CVE-2019-13394

The Voo branded NETGEAR CG3700b custom firmware V2.02.03 uses HTTP Basic Authentication over cleartext HTTP...

CVE-2019-17393

The Customer's Tomedo Server in Version 1.7.3 communicates to the Vendor Tomedo Server via HTTP in cleartext that can be sniffed by unauthorized actors. Basic authentication is used for the authentication, making it possible to base64 decode the sniffed credentials and discover the username and...

CVE-2019-14663

Brandy 1.20.1 has a stack-based buffer overflow in fileioopenin in fileio.c via crafted BASIC source code...

CVE-2019-16067

NETSAS Enigma NMS 65.0.0 and prior utilises basic authentication over HTTP for enforcing access control to the web application. The use of weak authentication transmitted over cleartext protocols can allow an attacker to steal username and password combinations by intercepting authentication...

CVE-2019-13393

The Voo branded NETGEAR CG3700b custom firmware V2.02.03 uses the same default 8 character passphrase for the administrative console and the WPA2 pre-shared key. Either an attack against HTTP Basic Authentication or an attack against WPA2 could be used to determine this passphrase...

CVE-2019-19514

Ayision Ays-WR01 v28K.RPT.20161224 devices allow stored XSS in basic repeater settings via an SSID...

CVE-2018-7823

A Environment CWE-2 vulnerability exists in SoMachine Basic, all versions, and Modicon M221all references, all versions prior to firmware V1.10.0.0 which could cause remote launch of SoMachine Basic when sending crafted ethernet message...

CVE-2010-5338

IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter dlgcaptchaaction is non-persistent in 10.1.3 and 10.2.0...

CVE-2010-5337

IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter dlgcaptchacontroller is non-persistent in 10.1.3 and 10.2.0...

CVE-2010-0695

Cross-site scripting XSS vulnerability in pages/index.php in BASIC-CMS allows remote attackers to inject arbitrary web script or HTML via the navid parameter...

CVE-2019-19720

Yabasic 2.86.1 has a heap-based buffer overflow in the yylex function in flex.c via a crafted BASIC source file...

CVE-2018-7822

An Incorrect Default Permissions CWE-276 vulnerability exists in SoMachine Basic, all versions, and Modicon M221all references, all versions prior to firmware V1.10.0.0 which could cause unauthorized access to SoMachine Basic resource files when logged on the system hosting SoMachine Basic...

CVE-2018-7821

An Environment CWE-2 vulnerability exists in SoMachine Basic, all versions, and Modicon M221all references, all versions prior to firmware V1.10.0.0 which could cause cycle time impact when flooding the M221 ethernet interface while the Ethernet/IP adapter is activated...

CVE-2010-1334

Unrestricted file upload vulnerability in Pulse CMS Basic 1.2.4 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension followed by a safe extension, then accessing it via a direct request to the file in an unspecified directory, a different...

CVE-2009-3481

A certain interface in the iCRM Basic comicrmbasic component 1.4.2.31 for Joomla! does not require administrative authentication, which has unspecified impact and remote attack vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party informati...

CVE-2008-2429

Multiple SQL injection vulnerabilities in Calendarix Basic 0.8.20071118 allow remote attackers to execute arbitrary SQL commands via 1 the catsearch parameter to calsearch.php or 2 the catview parameter to calcat.php. NOTE: vector 1 might overlap CVE-2007-3183.3, and vector 2 might overlap...

CVE-1999-0384

The Forms 2.0 ActiveX control included with Visual Basic for Applications 5.0 can be used to read text from a user's clipboard when the user accesses documents with ActiveX content...

CVE-2025-4978 Netgear DGND3700 Basic Authentication BRS_top.html improper authentication

A vulnerability, which was classified as very critical, was found in Netgear DGND3700 1.1.00.151.00.15NA. This affects an unknown part of the file /BRStop.html of the component Basic Authentication. The manipulation leads to improper authentication. It is possible to initiate the attack remotely...

CVE-2025-4978 Netgear DGND3700 Basic Authentication BRS_top.html improper authentication

A vulnerability, which was classified as very critical, was found in Netgear DGND3700 1.1.00.151.00.15NA. This affects an unknown part of the file /BRStop.html of the component Basic Authentication. The manipulation leads to improper authentication. It is possible to initiate the attack remotely...