CVE-2026-49197

Web endpoints intended for the Acer Connect app improperly validate the HTTP Authorization header, failing to block requests when Base64 decoding fails...

CVE-2026-49197 Predator Connect W6x: Improper Authentication

Web endpoints intended for the Acer Connect app improperly validate the HTTP Authorization header, failing to block requests when Base64 decoding fails...

PT-2026-44767

Name of the Vulnerable Software and Affected Versions Acer Connect affected versions not specified Description Web endpoints intended for the Acer Connect app improperly validate the HTTP Authorization header. The system fails to block requests when the Base64 decoding process fails, allowing...

EUVD-2017-16570

Malware in sbrugna...

CVE-2017-7565

Splunk Hadoop Connect App has a path traversal vulnerability that allows remote authenticated users to execute arbitrary code, aka ERP-2041...

CVE-2024-35537

TVS Motor Company Limited TVS Connect Android v4.6.0 and IOS v5.0.0 was discovered to insecurely handle the RSA key pair, allowing attackers to possibly access sensitive information via decryption...

Hardcoded credentials

INPRAX "iZZi connect" application on Android contains hard-coded MQTT queue credentials. The same MQTT queue is used by corresponding physical recuperation devices. Exploiting this vulnerability could potentially allow unauthorized access to manage and read parameters of the recuperation unit...

POST SMTP Mailer < 2.8.8 - Authorization Bypass via type connect-app API

Description The plugin is vulnerable to unauthorized access of data and modification of data due to a type juggling issue on the connect-app REST endpoint in all versions up to, and including, 2.8.7. This makes it possible for unauthenticated attackers to reset the API key used to authenticate to...

VulnCheck KEV: CVE-2023-6875

The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a type juggling issue on the connect-app REST endpoint in all versions up to, and including, 2.8.7...

PT-2024-1238 · WordPress · Post Smtp Mailer

Name of the Vulnerable Software and Affected Versions: POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress versions up to, and including, 2.8.7 Description: The issue is related to a type juggling problem on the connect-app REST...

CVE-2019-17098

Use of hard-coded cryptographic key vulnerability in August Connect Wi-Fi Bridge App, Connect Firmware allows an attacker to decrypt an intercepted payload containing the Wi-Fi network authentication credentials. This issue affects: August Connect Wi-Fi Bridge App version v10.11.0 and prior...

Path traversal

Splunk Hadoop Connect App has a path traversal vulnerability that allows remote authenticated users to execute arbitrary code, aka ERP-2041...

CVE-2017-7565

CVE-2017-7565 affects the Splunk Hadoop Connect App and is a path traversal vulnerability. The underlying issue allows remote authenticated users to execute arbitrary code via the vulnerable component/file, as described in multiple sources (ERP-2041). The available data identifies the affected pr...