11 matches found
EUVD-2026-9375
The /root/anaconda-ks.cfg installation configuration file in International Datacasting Corporation (IDC) SFX Series (SFX2100) SuperFlex Satellite Receiver insecurely stores the hardcoded root password hash. The password itself is highly insecure and susceptible to offline dictionary attacks using the...
CVE-2026-29120
The /root/anaconda-ks.cfg installation configuration file in International Datacasting Corporation (IDC) SFX Series (SFX2100) SuperFlex Satellite Receiver insecurely stores the hardcoded root password hash. The password itself is highly insecure and susceptible to offline dictionary attacks using the...
PT-2026-22883
Name of the Vulnerable Software and Affected Versions: IDC SFX Series (SFX2100) SuperFlex Satellite Receiver (affected versions not specified). Description: The /root/anaconda-ks.cfg installation configuration file insecurely stores a hardcoded root password hash. This password is highly susceptible to...
Design/Logic Flaw
In Gradle Enterprise through 2021.3, probing of the server-side network environment can occur via an SMTP configuration test. The installation configuration user interface available to administrators allows testing the configured SMTP server settings. This test function can be used to identify th...
CVE-2021-41619
An issue was discovered in Gradle Enterprise before 2021.1.2. There is potential remote code execution via the application startup configuration. The installation configuration user interface available to administrators allows specifying arbitrary Java Virtual Machine startup options. Some of the...
Security Bulletin: A vulnerability in OpenSSL affects IBM InfoSphere Information Server
Summary: A vulnerability in OpenSSL used by IBM InfoSphere Information Server was addressed. Vulnerability Details: CVEID: CVE-2019-1551 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an overflow in the x64_64 Montgomery squaring procedure used in...
(0Day) Advantech WebAccess Local Escalation Of Privilege Vulnerability
This vulnerability allows local users to elevate to administrator status on vulnerable installations of Advantech WebAccess. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
MATCHA INVOICE vulnerable to code injection
Overview: MATCHA INVOICE provided by ICZ Corporation is a web-based billing management software. MATCHA INVOICE contains a code injection (CWE-94) vulnerability due to a flaw when configuring the database during installation. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with...
JDWP Exploitation
JDWP Arbitrary Java Code Execution Exploitation. Java Debugging Wire Protocol (JDWP) is the low-level protocol used for communication between a debugger and a Java Virtual Machine (JVM) as outlined in the Java Platform Debugger Architecture. It is often...
cactushop-mdb.txt
Cactushop V6 allows remote users to download the database, which contains credit card numbers and critical information. The affected cart's default installation gives away the path to the database file. As a result, an attacker exploiting this vulnerability will be able to obtain detailed private custom...
CACTUSHOP 6 Default Installation Allows Remote Database Disclosure
Cactushop V6 allows remote users to download the database, which contains credit card numbers and critical information. The affected cart's default installation gives away the path to the database file. As a result, an attacker exploiting this vulnerability will be able to obtain detailed private custom...