CVE-2025-15587

Tinycontrol devices such as tcPDU and LAN Controllers LK3.5, LK3.9 and LK4 allow a low privileged user to read an administrator's password by directly accessing a specific resource inaccessible via a graphical interface. This issue has been fixed in firmware versions: 1.36 for tcPDU, 1.67 for LK3...

EUVD-2025-208690

Tinycontrol devices such as tcPDU and LAN Controllers LK3.5, LK3.9 and LK4 allow a low privileged user to read an administrator's password by directly accessing a specific resource inaccessible via a graphical interface. This issue has been fixed in firmware versions: 1.36 for tcPDU, 1.67 for LK3...

CVE-2025-15587

Tinycontrol devices such as tcPDU and LAN Controllers LK3.5, LK3.9 and LK4 allow a low privileged user to read an administrator's password by directly accessing a specific resource inaccessible via a graphical interface. This issue has been fixed in firmware versions: 1.36 for tcPDU, 1.67 for LK3...

CVE-2025-65011

In WODESYS WD-R608U router also known as WDR122B V2.0 and WDR28 an unauthorised user can view configuration files by directly referencing the resource in question. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version...

CVE-2025-65011

In WODESYS WD-R608U router also known as WDR122B V2.0 and WDR28 an unauthorised user can view configuration files by directly referencing the resource in question. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version...

CVE-2025-65009

In WODESYS WD-R608U router also known as WDR122B V2.0 and WDR28 admin password is stored in configuration file as plaintext and can be obtained by unauthorized user by direct references to the resource in question. The vendor was notified early about this vulnerability, but didn't respond with th...

CVE-2025-65011

CVE-2025-65011 relates to the WODESYS WD-R608U router (aka WDR122B V2.0, WDR28). The observed issue is that an unauthorised user can view configuration files by directly referencing the vulnerable resource, indicating a disclosure/callback exposure due to insufficient access control. The Red Hat ...

CVE-2025-65009

CVE-2025-65009 affects the WODESYS WD-R608U router (WDR122B V2.0 / WDR28). The admin password is stored in plaintext in a configuration file and can be accessed by an unauthorized user via direct reference to the resource. Only version WDR28081123OV1.01 has been tested and confirmed vulnerable; o...

PT-2025-29033

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A double-free issue was identified in the fsl-mc bus driver within the Linux kernel. A commit intended to simplify deallocation procedures inadvertently introduced a double-free on the...

PT-2020-10034 · Abb · Abb Asset Suite

Name of the Vulnerable Software and Affected Versions: ABB Asset Suite versions 9.0 through 9.3 ABB Asset Suite version 9.4 prior to 9.4.2.6 ABB Asset Suite version 9.5 prior to 9.5.3.2 ABB Asset Suite version 9.6.0 Description: The issue is related to insufficient access control in the web...

Chamilo LMS SQL Injection Vulnerability

Chamilo LMS is an open source online learning and collaboration system developed by the Chamilo Association. The system supports the creation of instructional content, distance training and online question and answer sessions. Chamilo LMS suffers from SQL injection vulnerabilities that stem from...