CVE-2025-14432

In limited scenarios, sensitive data might be written to the log file if an admin uses Microsoft Teams Admin Center TAC to make device configuration changes. The affected log file is visible only to users with admin credentials. This is limited to Microsoft TAC and does not affect configuration...

CVE-2025-14432

In limited scenarios, sensitive data might be written to the log file if an admin uses Microsoft Teams Admin Center TAC to make device configuration changes. The affected log file is visible only to users with admin credentials. This is limited to Microsoft TAC and does not affect configuration...

Ivanti Releases Security Updates for Endpoint Manager Mobile (EPMM) CVE-2023-35078

A vulnerability discovered in Ivanti Endpoint Manager Mobile EPMM, previously branded MobileIron Core allows unauthenticated access to specific API paths. An attacker with access to these API paths can access personally identifiable information PII such as names, phone numbers, and other mobile...

CVE-2021-1284

A vulnerability in the web-based messaging service interface of Cisco SD-WAN vManage Software could allow an unauthenticated, adjacent attacker to bypass authentication and authorization and modify the configuration of an affected system. To exploit this vulnerability, the attacker must be able t...

CVE-2021-20650

CVE-2021-20650 is a cross-site request forgery (CSRF) vulnerability affecting ELECOM NCC-EWF100RMWH2. The issue allows an attacker to hijack an administrator’s session and issue an arbitrary request, potentially altering device settings and enabling the telnet daemon via an unspecified vector. Pu...

D-Link AirPlus DI-614+ / DI-624 / DI-704 - DHCP Log HTML Injection

source: https://www.securityfocus.com/bid/10587/info It is reported that the DI-614+, DI-704, and the DI-624 are susceptible to an HTML injection vulnerability in their DHCP log. An attacker who has access to the wireless, or internal network segments of the router can craft malicious DHCP...