4652 matches found

Tenable Nessus
added 2019/07/05 12:0 a.m. · 21 views

NFX Series: Insecure sshd configuration in Juniper Device Manager (JDM) and host OS (JSA10878)

According to its self-reported version number, the remote Juniper Junos device is affected by a vulnerability. With an insecure SSHD configuration in Juniper Device Manager, a remote, unauthenticated attacker can gain access if any of the passwords on the system are empty. The affected SSHD...

CVSS 9.8 · AI score 8.4 · EPSS 0.01342
Exploits 0 · References 2
BDU FSTEC
added 2019/07/04 12:0 a.m. · 6 views

The vulnerability of the Alpine Linux Docker distribution, related to the use of an empty password for the pre-installed account, allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Alpine Linux Docker distribution stems from the use of an empty password for the pre-installed root account. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...

CVSS 10 · AI score 7.7 · EPSS 0.06263
Exploits 2 · References 4 · Affected Software 1
OSV
added 2019/06/27 5:15 p.m. · 2 views

CVE-2018-15556

The Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 allows login with root level access with the user "root" and an empty password by using the enabled onboard UART headers...

CVSS 9.8 · AI score 5.8 · EPSS 0.03258
Exploits 2 · References 2
Prion
added 2019/06/27 5:15 p.m. · 18 views

Default credentials

The Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 allows login with root level access with the user "root" and an empty password by using the enabled onboard UART headers...

CVSS 10 · AI score 9.5 · EPSS 0.03258
Exploits 2 · References 2 · Affected Software 1
OSV
added 2019/06/19 12:15 a.m. · 3 views

BELL-CVE-2019-11479 CVE-2019-11479 does not affect BellSoft software

Bulletin has no description...

CVSS 7.5 · AI score 7.2 · EPSS 0.9166
Exploits 1 · References 1
OpenVAS
added 2019/06/07 12:0 a.m. · 24 views

Symfony Authentication Bypass Vulnerability (Jul 2017)

Symfony is prone to an authentication bypass vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:sensiolabs:symfony"; ...

CVSS 9.8 · AI score 9.6 · EPSS 0.01855
Exploits 0 · References 1
OSV
added 2019/06/06 7:29 p.m. · 2 views

CVE-2019-3723

Dell EMC OpenManage Server Administrator (OMSA) versions prior to 9.1.0.3 and prior to 9.2.0.4 contain a web parameter tampering vulnerability. A remote unauthenticated attacker could potentially manipulate parameters of web requests to OMSA to create arbitrary files with empty content or delete th...

CVSS 9.1 · AI score 7.5 · EPSS 0.01848
Exploits 0 · References 2
OSV
added 2019/05/13 1:29 p.m. · 1 view

CVE-2018-12296

Insufficient access control in /api/external/7.0/system.System.getinfos in Seagate NAS OS version 4.3.15.1 allows attackers to obtain information about the NAS without authentication via empty POST requests...

CVSS 7.5 · AI score 5.8 · EPSS 0.09509
Exploits 1 · References 1
NVD
added 2019/05/13 1:29 p.m. · 25 views

CVE-2018-12296

Insufficient access control in /api/external/7.0/system.System.getinfos in Seagate NAS OS version 4.3.15.1 allows attackers to obtain information about the NAS without authentication via empty POST requests...

CVSS 7.5 · AI score 7.5 · EPSS 0.09509
Exploits 1 · References 1
OSV
added 2019/05/02 2:21 p.m. · 6 views

OPENSUSE-SU-2019:1310-1 Security update for libsoup

This update for libsoup fixes the following issues: Security issue fixed: - CVE-2018-12910: Fix crash when handling empty hostnames bsc1100097. This update was imported from the SUSE:SLE-15:Update update project...

CVSS 9.8 · AI score 9.5 · EPSS 0.04188
Exploits 0 · References 3
OSV
added 2019/04/24 6:29 p.m. · 2 views

CVE-2019-9950

Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My Cloud EX2100, My Cloud EX4100, My Cloud DL2100, My Cloud DL4100, My Cloud PR2100 and My Cloud PR4100 firmware before 2.31.174 is affected by an authentication bypass vulnerability. The loginmgr.cgi file checks credentials...

CVSS 9.8 · AI score 7.3 · EPSS 0.02304
Exploits 0 · References 4
CNVD
added 2019/04/08 12:0 a.m. · 2 views

Jupyter Notebook Open Redirect Vulnerability

Jupyter Notebook is an open source web application that lets you create and share documents containing live code, equations, visualizations, and narrative text. An open redirection vulnerability exists in Jupyter Notebook versions prior to 5.7.8. An attacker can exploit this vulnerability via emp...

CVSS 6.1 · AI score 6.9 · EPSS 0.01264
Exploits 1 · References 1
Prion
added 2019/04/04 4:29 p.m. · 22 views

Open redirect

In Jupyter Notebook before 5.7.8, an open redirect can occur via an empty netloc. This issue exists because of an incomplete fix for CVE-2019-10255...

CVSS 5.8 · AI score 6.3 · EPSS 0.01741
Exploits 1 · References 2 · Affected Software 1
PyPA
added 2019/04/04 4:29 p.m. · 4 views

PYSEC-2019-158

In Jupyter Notebook before 5.7.8, an open redirect can occur via an empty netloc. This issue exists because of an incomplete fix for CVE-2019-10255...

CVSS 6.1 · AI score 9.2 · EPSS 0.01741
Exploits 1 · References 3 · Affected Software 1
OSV
added 2019/04/04 4:29 p.m. · 27 views

PYSEC-2019-158

In Jupyter Notebook before 5.7.8, an open redirect can occur via an empty netloc. This issue exists because of an incomplete fix for CVE-2019-10255...

CVSS 6.1 · AI score 2.7 · EPSS 0.01264
Exploits 1 · References 3
Positive Technologies
added 2019/04/04 12:0 a.m. · 2 views

PT-2019-12060 · Project Jupyter +2 · Jupyter Notebook +2

Name of the Vulnerable Software and Affected Versions: Jupyter Notebook versions prior to 5.7.8 Description: The issue is related to an open redirect that can occur due to an empty netloc. This problem exists because of an incomplete fix for a previously identified issue. Recommendations: For...

CVSS 7.5 · AI score 6 · EPSS 0.01741
Exploits 1 · References 37
BDU FSTEC
added 2019/04/04 12:0 a.m. · 2 views

The vulnerability of the imap_mail function in the PHP programming language allows a hacker to cause a service failure.

The vulnerability of the imap_mail function in the PHP programming language is related to errors in handling empty strings in message arguments. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

CVSS 7.5 · AI score 6.8 · EPSS 0.06876
Exploits 0 · References 4 · Affected Software 2
Positive Technologies
added 2019/03/29 12:0 a.m. · 2 views

PT-2019-1107 · Libyang · Libyang

Name of the Vulnerable Software and Affected Versions: libyang versions prior to v1.0-r1 Description: A double-free issue is present in the yyparse function when an empty description is used, potentially causing a crash or code execution. This issue affects applications that use libyang to parse...

CVSS 10 · AI score 7.3 · EPSS 0.0279
Exploits 7 · References 44
OSV
added 2019/03/27 6:29 p.m. · 1 view

DEBIAN-CVE-2018-12550

When Eclipse Mosquitto version 1.0 to 1.5.5 inclusive is configured to use an ACL file, and that ACL file is empty, or contains only comments or blank lines, then Mosquitto will treat this as though no ACL file has been defined and use a default allow policy. The new behaviour is to have an empty...

CVSS 8.1 · AI score 7.6 · EPSS 0.01353
Exploits 0 · References 1
OSV
added 2019/03/27 6:29 p.m. · 0 views

UBUNTU-CVE-2018-12550

When Eclipse Mosquitto version 1.0 to 1.5.5 inclusive is configured to use an ACL file, and that ACL file is empty, or contains only comments or blank lines, then Mosquitto will treat this as though no ACL file has been defined and use a default allow policy. The new behaviour is to have an empty...

CVSS 8.1 · AI score 7.2 · EPSS 0.01353
Exploits 0 · References 4