XCharge C6 Security Vulnerability
XCharge C6 is a series of intelligent electric vehicle DC charging stations developed by the German company XCharge. The XCharge C6 has a security vulnerability. This vulnerability stems from the firmware update mechanism’s failure to verify the authenticity of the firmware packages transmitted...
Astra Linux - vulnerability in linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: phy: leds: fix memory leak A network restart test on a router led to an out-of-memory condition. This issue was traced to a memory leak in the PHY LED trigger code. The root cause is the misuse of the devm API. The...
CVE-2026-27753
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain an authentication bypass vulnerability that allows remote attackers to perform unlimited login attempts against the management interface. Attackers can conduct online password guessing attacks without account lockout or rate...
CVE-2023-53970 Screen SFT DAB 600/C Firmware 1.9.3 Authentication Bypass Reset Board Config
Screen SFT DAB 600/C Firmware 1.9.3 contains a weak session management vulnerability that allows attackers to bypass authentication controls by reusing IP-bound session identifiers. Attackers can exploit the vulnerable deviceManagement API endpoint to reset device configurations by sending crafte...
CVE-2023-53776
Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to exploit weak session management by reusing IP-bound session identifiers. Attackers can issue unauthorized requests to the device management API by leveraging the session binding mechanism to perform...
CVE-2023-53776 Screen SFT DAB 1.9.3 Authentication Bypass via Session Management Weakness
Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to exploit weak session management by reusing IP-bound session identifiers. Attackers can issue unauthorized requests to the device management API by leveraging the session binding mechanism to perform...
CVE-2023-53776
CVE-2023-53776 affects Screen SFT DAB 1.9.3, describing an authentication bypass caused by weak session management and reuse of IP-bound session identifiers. This enables attackers to issue unauthorized requests to the device management API and perform critical operations on the transmitter. The ...
EUVD-2007-4803
Malware in sbrugna...
EUVD-2012-6438
Malware in sbrugna...
VMware vCenter Server Access Control Error Vulnerability
VMware vCenter Server is a suite of server and virtualization management software from VMware, Inc. The software provides a centralized platform for managing VMware vSphere environments, automating the implementation and delivery of virtual infrastructure. VMware vCenter Server is vulnerab...
CVE-2020-3920
UltraLog Express device management interface does not properly perform access authentication in some specific pages/functions. Any user can access the privileged page to manage accounts through specific system directory...
CVE-2020-3936 Unisoon UltraLog Express - SQL Injection
UltraLog Express device management interface does not properly filter user-supplied strings in some specific parameters; attackers can inject arbitrary SQL command...
Siemens SICLOCK TC Product Bypass Certification Vulnerability (CNVD-2018-12506)
The SICLOCK product line offers components for synchronizing plant and system time. An authentication bypass vulnerability exists in Siemens SICLOCK TC products. An attacker with administrative access to the device management interface could lock out legitimate users...
EUVD-2012-6448
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x before 4.0.10, and 4.1.x before 4.1.4 allows remote attackers to execute arbitrary code via unspecified vectors, aka Ref ID 36983...