2931 matches found
CVE-2024-35293
An unauthenticated remote attacker may use a missing authentication for critical function vulnerability to reboot or erase the affected devices resulting in data loss and/or a DoS...
CVE-2024-23962 Alpine Halo9 Missing Authentication
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Alpine Halo9 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DLT interface, which listens on TCP port 3490 by default. The issue...
CVE-2024-23962 Alpine Halo9 Missing Authentication
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Alpine Halo9 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DLT interface, which listens on TCP port 3490 by default. The issue...
CVE-2024-12757 Nedap Librix Ecoreader Missing Authentication for Critical Function
Nedap Librix Ecoreader is missing authentication for critical functions that could allow an unauthenticated attacker to potentially execute malicious code...
CVE-2024-12757 Nedap Librix Ecoreader Missing Authentication for Critical Function
Nedap Librix Ecoreader is missing authentication for critical functions that could allow an unauthenticated attacker to potentially execute malicious code...
CVE-2025-0456
The airPASS from NetVision Information has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access the specific administrative functionality to retrieve all accounts and passwords...
CVE-2025-0456 NetVision Information airPASS - Missing Authentication
The airPASS from NetVision Information has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access the specific administrative functionality to retrieve all accounts and passwords...
CVE-2025-0456 NetVision Information airPASS - Missing Authentication
The airPASS from NetVision Information has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access the specific administrative functionality to retrieve all accounts and passwords...
CVE-2025-0456
The CVE-2025-0456 issue concerns the airPASS product from NetVision Information. The root cause is a Missing Authentication vulnerability that allows unauthenticated remote attackers to access an administrative function and retrieve all accounts and passwords. The connected sources provide high-s...
CVE-2025-0355
Missing Authentication for Critical Function vulnerability in NEC Corporation Aterm WG2600HS Ver.1.7.2 and earlier, WF1200CRS Ver.1.6.0 and earlier, WG1200CRS Ver.1.5.0 and earlier, GB1200PE Ver.1.3.0 and earlier, WG2600HP4 Ver.1.4.2 and earlier, WG2600HM4 Ver.1.4.2 and earlier, WG2600HS2 Ver.1.3...
CVE-2025-0355
Missing Authentication for Critical Function vulnerability in NEC Corporation Aterm WG2600HS Ver.1.7.2 and earlier, WF1200CRS Ver.1.6.0 and earlier, WG1200CRS Ver.1.5.0 and earlier, GB1200PE Ver.1.3.0 and earlier, WG2600HP4 Ver.1.4.2 and earlier, WG2600HM4 Ver.1.4.2 and earlier, WG2600HS2 Ver.1.3...
CVE-2025-0355
Missing Authentication for Critical Function vulnerability in NEC Corporation Aterm WG2600HS Ver.1.7.2 and earlier, WF1200CRS Ver.1.6.0 and earlier, WG1200CRS Ver.1.5.0 and earlier, GB1200PE Ver.1.3.0 and earlier, WG2600HP4 Ver.1.4.2 and earlier, WG2600HM4 Ver.1.4.2 and earlier, WG2600HS2 Ver.1.3...
PT-2025-3848 · Nec · Aterm Wf1200Cr +7
Name of the Vulnerable Software and Affected Versions: NEC Corporation Aterm WG2600HS versions 1.7.2 and earlier NEC Corporation Aterm WF1200CRS versions 1.6.0 and earlier NEC Corporation Aterm WG1200CRS versions 1.5.0 and earlier NEC Corporation Aterm GB1200PE versions 1.3.0 and earlier NEC...
CVE-2024-35277
A missing authentication for critical function in Fortinet FortiPortal version 6.0.0 through 6.0.15, FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14 allows attacker to access to the configuration of the managed devices by sending...
CVE-2024-35277
A missing authentication for critical function in Fortinet FortiPortal version 6.0.0 through 6.0.15, FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14 allows attacker to access to the configuration of the managed devices by sending...
CVE-2024-35277
CVE-2024-35277 affects Fortinet FortiPortal and FortiManager. The issue is a missing authentication for a critical function, enabling an attacker to access the configuration of managed devices by sending specially crafted packets. Affected versions include FortiPortal 6.0.0–6.0.15 and FortiManage...
Wavlink AC3000 testsave.sh Information Disclosure vulnerability
Talos Vulnerability Report TALOS-2024-2035 Wavlink AC3000 testsave.sh Information Disclosure vulnerability January 14, 2025 CVE Number CVE-2024-39773 SUMMARY An information disclosure vulnerability exists in the testsave.sh functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted...
Wavlink AC3000 fw_check.sh Firmware Upload vulnerability
Talos Vulnerability Report TALOS-2024-2037 Wavlink AC3000 fwcheck.sh Firmware Upload vulnerability January 14, 2025 CVE Number CVE-2024-39273 SUMMARY A firmware update vulnerability exists in the fwcheck.sh functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can...
CVE-2024-55538
CVE-2024-55538 affects Acronis True Image on macOS (before build 41725) and Windows (before build 41736). The vulnerability is a missing/authentication-requirement flaw that leads to sensitive information disclosure. Connected sources confirm the root cause and affected versions (macOS before 417...
WordPress plugin FeedFocal 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...