111 matches found
CVE-2023-43010
A flaw was found in WebKitGTK. Processing malicious web content can cause memory corruption due to improper memory handling. Mitigation Do not process or load untrusted web content with WebKitGTK. In Red Hat Enterprise Linux 7, the following packages require WebKitGTK4: evolution-data-server,...
PT-2026-6836
Name of the Vulnerable Software and Affected Versions 3DP-MANAGER versions 2.0.1 and prior Description 3DP-MANAGER, an inbound generator for 3x-ui, automatically creates an administrative account with default credentials admin/admin upon initial setup. An attacker with network access to the...
CVE-2026-22079
The PT-2026-2147 entry specifies that Tenda 300Mbps Wireless Router F3 and Tenda N300 Easy Setup Router are affected by a flaw where login credentials are transmitted in plaintext during the initial login or after a factory reset via the web-based interface. An attacker on the same network could ...
Gladinet Triofox Improper Access Control Vulnerability
Gladinet Triofox contains an improper access control vulnerability that allows access to initial setup pages even after setup is complete...
EUVD-2025-44062
Triofox versions prior to 16.7.10368.56560, are vulnerable to an Improper Access Control flaw that allows access to initial setup pages even after setup is complete...
CVE-2025-12480
Triofox versions prior to 16.7.10368.56560, are vulnerable to an Improper Access Control flaw that allows access to initial setup pages even after setup is complete...
CVE-2025-12480
Triofox versions prior to 16.7.10368.56560, are vulnerable to an Improper Access Control flaw that allows access to initial setup pages even after setup is complete...
CVE-2025-12480
Triofox versions prior to 16.7.10368.56560, are vulnerable to an Improper Access Control flaw that allows access to initial setup pages even after setup is complete...
CVE-2025-12480
Triofox versions prior to 16.7.10368.56560, are vulnerable to an Improper Access Control flaw that allows access to initial setup pages even after setup is complete...
VulnCheck KEV: CVE-2025-12480
Triofox versions prior to 16.7.10368.56560, are vulnerable to an Improper Access Control flaw that allows access to initial setup pages even after setup is complete...
CVE-2025-64385
The equipment initially can be configured using the manufacturer's application, by Wi-Fi, by the web server or with the manufacturer’s software. Using the manufacturer's software, the device can be configured via UDP. Analyzing this communication, it has been observed that any aspect of the initi...
EUVD-2021-27043
Malware in sbrugna...
EUVD-2025-27717
Malicious code in bioql PyPI...
EUVD-2025-31638
Malicious code in bioql PyPI...
CVE-2025-34223
Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 VA/SaaS deployments contain a default admin account and an installation‑time endpoint at /admin/query/updatedatabase.php that can be accessed without authentication. An...
CVE-2025-34223
Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 VA/SaaS deployments contain a default admin account and an installation‑time endpoint at /admin/query/updatedatabase.php that can be accessed without authentication. An...
CVE-2025-34223
CVE-2025-34223 affects Vasion Print Virtual Appliance Host (pre-22.0.1049) and Vasion Print Application (pre-20.0.2786). An unauthenticated attacker can reach an installation-time endpoint at /admin/query/update_database.php, submit arbitrary root_user/root_password values, and replace the defaul...
CVE-2025-34223 Vasion Print (formerly PrinterLogic) Insecure Installation Credentials
Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 VA/SaaS deployments contain a default admin account and an installation‑time endpoint at /admin/query/updatedatabase.php that can be accessed without authentication. An...
PT-2025-39888
Name of the Vulnerable Software and Affected Versions Vasion Print versions prior to 22.0.1049 Vasion Print Application versions prior to 20.0.2786 Description The Vasion Print Virtual Appliance Host and Application contain a default admin account and an installation-time endpoint at...
CVE-2025-24322
An unsafe default authentication vulnerability exists in the Initial Setup Authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted network request can lead to arbitrary code execution. An attacker can browse to the device to trigger this vulnerability...