CVE-2026-40620 SenseLive X3050 Missing authentication for critical function

A vulnerability in SenseLive X3050’s embedded management service allows full administrative control to be established without any form of authentication or authorization on the SenseLive config application. The service accepts management connections from any reachable host, enabling unrestricted...

EUVD-2026-25362

A vulnerability in SenseLive X3050’s embedded management service allows full administrative control to be established without any form of authentication or authorization on the SenseLive config application. The service accepts management connections from any reachable host, enabling unrestricted...

CVE-2026-33890

MyTube is a self-hosted downloader and player for several video websites Prior to version 1.8.71, an unauthenticated attacker can register an arbitrary passkey and subsequently authenticate with it to obtain a full admin session. The application exposes passkey registration endpoints without...

Binardat 10G08-0800GSM 信任管理问题漏洞

Binardat 10G08-0800GSM is a high-performance switch from the Chinese company Binardat. The Binardat 10G08-0800GSM Network Switch V300SP10260209 and earlier versions have a vulnerability related to trust management. This vulnerability stems from hardcoded management credentials that cannot be...

Rancher Labs Rancher Licensing Issue Vulnerability (CNVD-2022-65014)

Rancher Labs Rancher is an open source enterprise-class container management platform from Rancher Labs, Inc. Rancher Labs Rancher is vulnerable to an authorization issue that could be exploited by an attacker to escalate a user with a restricted administrator role to full administrator...

Rancher Labs Rancher 安全漏洞

Rancher Labs Rancher is an open source enterprise-class container management platform from Rancher Labs, Inc. Rancher Labs Rancher is vulnerable to an authorization issue that could be exploited by an attacker to escalate a user with a restricted administrator role to full administrator...

The vulnerability of the WISE-4060 Ethernet module’s microprogramming software, related to shortcomings in password change procedures via the web server, allows a hacker to gain full access to the device with administrator privileges.

The vulnerability of the WISE-4060 Ethernet module’s microprogramming software is related to deficiencies in the password change process via the web server. Exploiting this vulnerability could allow an attacker to gain full access to the device with administrator privileges...

PT-2021-11745 · Unknown · Thinkadmin

Name of the Vulnerable Software and Affected Versions: ThinkAdmin version 6 Description: The issue concerns default administrator credentials in ThinkAdmin, allowing attackers to gain unrestricted access to the administrator dashboard. Recommendations: For ThinkAdmin version 6, change the default...

Design/Logic Flaw

A restricted environment escape vulnerability exists in the “kiosk mode” function of Capsule Technologies SmartLinx Neuron 2 medical information collection devices running versions 9.0.3 or lower. A specific series of keyboard inputs can escape the restricted environment, resulting in full...

CVE-2018-1000635

The Open Microscopy Environment OMERO.server version 5.4.0 to 5.4.6 contains a Information Exposure Through Sent Data vulnerability in OMERO.server that can result in an Attacker gaining full administrative access to server and may be able to disable it. This vulnerability appears to have been...

XAPI HTTP directory traversal

ISSUE DESCRIPTION XAPI has an unauthenticated HTTP endpoint update/ which exports the contents of /var/update for other hosts to use. However, the resolution of . and .. in paths is performed before url unquoting is performed. This allows an attacker to traverse out of the web root. IMPACT An...