EUVD-2026-0815

An issue in ComfyUI-Manager prior to version 3.38 allowed remote attackers to potentially manipulate its configuration and critical data. This was due to the application storing its files in an insufficiently protected location that was accessible via the web interface...

Hardcoded credentials

Honeywell ControlEdge through R151.1 uses Hard-coded Credentials. According to FSCT-2022-0056, there is a Honeywell ControlEdge hardcoded credentials issue. The affected components are characterized as: SSH. The potential impact is: Remote code execution, manipulate configuration, denial of...

Magento 2 Community Edition Server-Side Request Forgery vulnerability

A server-side request forgery SSRF vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with access to the admin pan...

Trend Micro Worry-Free Business Security (WFBS) Multiple Vulnerabilities (1114098)

The remote host is running a version of the Trend Micro WFBS which is affected by multiple vulnerabilities. An attacker who has already gained a foothold on the local WFBS server may manipulate configuration variables in order to access files outside of the web root folder or modify HTTP response...

Linksys WAP55AG 1.0.7 - SNMP Community String Insecure Configuration

source: https://www.securityfocus.com/bid/9688/info Linksys WAP55AG appliance has been reported prone to an insecure default configuration vulnerability. It has been reported that all SNMP MIB Management Information Base community strings, even read/write strings may be disclosed to a remote...