30 matches found
CVE-2025-44039
CP-XR-DE21-S -4G Router Firmware version 1.031.022 was discovered to contain insecure protections for its UART console. This vulnerability allows local attackers to connect to the UART port via a serial connection, read all boot sequence, and revealing internal system details and sensitive...
IBM Power Hardware Management Console 安全漏洞
IBM Power Hardware Management Console HMC is a suite of graphical interface software from International Business Machines IBM for configuring and managing the Power System family of servers. The software is primarily used to manage hardware such as servers. A security vulnerability exists in IBM...
Security Bulletin: Vulnerability in expact library (CVE-2024-50602) affects Power HMC.
Summary The expat library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2024-50602 DESCRIPTION: An issue was discovered in libexpat before 2.6.4. There is a crash within the XMLResumeParser function because XMLStopParser ca...
RHEL 9 : OpenShift Container Platform 4.13.55 (RHSA-2025:1118)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:1118 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...
Magento OS command injection via the customer attribute save controller
Magento versions 2.4.1 and earlier, 2.4.0-p1 and earlier and 2.3.6 and earlier are vulnerable to an OS command injection via the customer attribute save controller. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the admin console is required...
Patch now! FatPipe VPN zero-day actively exploited
According to its marketing team, a FatPipe MPVPN can make your VPN "900% more secure." Well, I dont know about that, but I do know a way to make your MPVPN admin console 100% more secure, and that you should do so right away, by installing the latest version of its software. Why? Because older...
CVE-2019-13393
The Voo branded NETGEAR CG3700b custom firmware V2.02.03 uses the same default 8 character passphrase for the administrative console and the WPA2 pre-shared key. Either an attack against HTTP Basic Authentication or an attack against WPA2 could be used to determine this passphrase...
Nintendo 3DS also got Hacked Within 24 Hours after Release !
The new Nintendo 3DS didn't last 24 hours in Japan before hackers jailbroke the device to support Revolution For DS R4 flash cards that play old Nintendo games. Although R4 cards were built for Nintendo DS, the hackers show how they can use the storage cards to run homebrew and older Nintendo gam...
CVE-2010-1428
The Web Console aka web-console in JBossAs in Red Hat JBoss Enterprise Application Platform aka JBoss EAP or JBEAP 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to obtain sensitive information via an...
F5 FirePass Content Inspection Management XSS
F5 FirePass Content Inspection Management XSS Product: F5 FirePass http://www.f5.com/products/firepass/ The F5 FirePass SSL VPN appliance provides rudimentary web request sanitization for resources exposed through the appliance via Portal Access. This Content Inspection feature can be configured...