EUVD-2001-1318

Malware in sbrugna...

EUVD-2021-22590

Malware in sbrugna...

EUVD-2022-49466

Malicious code in bioql PyPI...

Exploit for Path Traversal in Igniterealtime Openfire

CVE-2023-32315 - Openfire Authentication Bypass This reposito...

Administration Console authentication bypass in openfire xmppserver

An important security issue affects a range of versions of Openfire, the cross-platform real-time collaboration server based on the XMPP protocol that is created by the Ignite Realtime community. Impact Openfire's administrative console the Admin Console, a web-based application, was found to be...

CVE-2022-46670

Rockwell Automation was made aware of a vulnerability by a security researcher from Georgia Institute of Technology that the MicroLogix 1100 and 1400 controllers contain a vulnerability that may give an attacker the ability to accomplish remote code execution. The vulnerability is an...

CVE-2022-46670

Rockwell Automation was made aware of a vulnerability by a security researcher from Georgia Institute of Technology that the MicroLogix 1100 and 1400 controllers contain a vulnerability that may give an attacker the ability to accomplish remote code execution. The vulnerability is an...

Cross site scripting

Rockwell Automation was made aware of a vulnerability by a security researcher from Georgia Institute of Technology that the MicroLogix 1100 and 1400 controllers contain a vulnerability that may give an attacker the ability to accomplish remote code execution. The vulnerability is an...

CVE-2022-46670 Rockwell Automation MicroLogix 1100 & 1400 Vulnerable to Cross-Site Scripting Attack

Rockwell Automation was made aware of a vulnerability by a security researcher from Georgia Institute of Technology that the MicroLogix 1100 and 1400 controllers contain a vulnerability that may give an attacker the ability to accomplish remote code execution. The vulnerability is an...

Exploit for Cross-site Scripting in Akcp Sensorprobe2_Firmware

CVE-2021-35956. Proof of Concept Exploit for CVE-2021-35956,...

WDTV Live SMP 2.03.20 - Remote Password Reset Exploit

Exploit for hardware platform in category web applications WDTV Live SMP Remote Password Reset Vulnerability Date: Jul 14 2017 Author: sw1tch Demo: https://www.sw1tch.net/2017/07/12/wdtv-live-smb-exploit/ Description: A simple remotely exploitable web application vulnerability for the WDTV Live...

WDTV Live SMP Remote Password Reset

WDTV Live SMP Remote Password Reset Vulnerability Date: Jul 14 2017 Author: sw1tch Demo: https://www.sw1tch.net/2017/07/12/wdtv-live-smb-exploit/ Description: A simple remotely exploitable web application vulnerability for the WDTV Live Streaming Media Player and possibly other WDTV systems...

WDTV Live SMP 2.03.20 - Remote Password Reset

WDTV Live SMP 2.03.20 - Remote Password Reset WDTV Live SMP Remote Password Reset Vulnerability Date: Jul 14 2017 Author: sw1tch Demo: https://www.sw1tch.net/2017/07/12/wdtv-live-smb-exploit/ Description: A simple remotely exploitable web application vulnerability for the WDTV Live Streaming Medi...

WDTV Live SMP 2.03.20 - Remote Password Reset

WDTV Live SMP Remote Password Reset Vulnerability Date: Jul 14 2017 Author: sw1tch Demo: https://www.sw1tch.net/2017/07/12/wdtv-live-smb-exploit/ Description: A simple remotely exploitable web application vulnerability for the WDTV Live Streaming Media Player and possibly other WDTV systems...

Yaws 1.91 - Remote File Disclosure

Yaws 1.91 - Remote File Disclosure + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/YAWS-WEB-SERVER-v1.91-UNAUTHENTICATED-REMOTE-FILE-DISCLOSURE.txt + ISR: ApparitionSec Vendor: ========== yaws.hyber.org Product: =========...

Miele Professional PG 8528 - Web Server Directory Traversal（CVE-2017-7240）

Risk Information: Risk Factor: Medium CVSS Base Score: 5.0 CVSS Vector: CVSS2AV:N/AC:L/Au:N/C:P/I:N/A:N CVSS Temporal Vector: CVSS2E:POC/RL:OF/RC:C CVSS Temporal Score: 3.9 Timeline: 2016-11-16 Vulnerability discovered 2016-11-10 Asked for security contact 2016-11-21 Contact with Miele product...

Palo Alto Networks PanOS - appweb3 Stack Buffer Overflow

Palo Alto Networks PanOS - appweb3 Stack Buffer Overflow Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=908 Palo Alto Networks have published a fix for this issue: http://securityadvisories.paloaltonetworks.com/Home/Detail/68 PanOS uses a modified version of the appweb3 embedde...

Misfortune Cookie Home Router Vulnerability Discovered

More than 12 million devices running an embedded webserver called RomPager are vulnerable to a simple attack that could give a hacker man-in-the-middle position on traffic going to and from home routers from just about every leading manufacturer. Mostly ISP-owned residential gateways manufactured...

Beck IPC GmbH IPC@CHIP TelnetD Login Account Brute Force Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2771/info The IPC@Chip is a single-chip embedded webserver from Beck GmbH. The device's inbuilt telnetd service may allow a remote user to repeatedly attempt to login to a given account, without logging or responding to...

ntop 3.3.10 - HTTP Basic Authentication Null Pointer Dereference Denial of Service

ntop 3.3.10 - HTTP Basic Authentication Null Pointer Dereference Denial of Service source: https://www.securityfocus.com/bid/36074/info The 'ntop' tool is prone to a denial-of-service vulnerability because of a NULL-pointer dereference that occurs when crafted HTTP Basic Authentication credential...