CVE-2025-2348

A vulnerability was found in IROAD Dash Cam FX2 up to 20250308. It has been classified as problematic. Affected is an unknown function of the file /mnt/extsd/event/ of the component HTTP/RTSP. The manipulation leads to information disclosure. The attack needs to be initiated within the local...

CVE-2025-2341

A vulnerability was found in IROAD Dash Cam X5 up to 20250203. It has been rated as problematic. This issue affects some unknown processing of the component SSID. The manipulation leads to use of default credentials. The attack needs to be initiated within the local network. The complexity of an...

CVE-2025-2341 IROAD Dash Cam X5 SSID default credentials

A vulnerability was found in IROAD Dash Cam X5 up to 20250203. It has been rated as problematic. This issue affects some unknown processing of the component SSID. The manipulation leads to use of default credentials. The attack needs to be initiated within the local network. The complexity of an...

IROAD FX2 安全漏洞

IROAD FX2 is a car recorder from IROAD. A security vulnerability exists in IROAD FX2 20250308 and prior versions, which stems from an insufficient password hash calculation that requires an attack to be launched on the local network...

IROAD X5 安全漏洞

IROAD X5 is a car recorder from IROAD. A security vulnerability exists in IROAD X5 that stems from hard-coded credentials that require an attack to be launched on the local network...

IROAD FX2 安全漏洞

IROAD FX2 is a car recorder from IROAD. A security vulnerability exists in IROAD FX2 20250308 and prior versions that stems from the use of a default password that requires an attack to be initiated on the local network...

CVE-2025-24053

CVE-2025-24053 is linked to Microsoft Dataverse and is described as an improper authentication vulnerability that could allow an authenticated attacker to escalate privileges over the network. The vulnerability is documented across multiple feeds (NVD, Microsoft, Red Hat) with the same essence: e...

Siemens SCALANCE X-200RNA Switch Devices Cryptographic Issues (CVE-2015-0285)

The ssl3clienthello function in s3clnt.c in OpenSSL 1.0.2 before 1.0.2a does not ensure that the PRNG is seeded before proceeding with a handshake, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and then conducting a brute-force...

CVE-2025-2233 Samsung SmartThings Improper Verification of Cryptographic Signature Authentication Bypass Vulnerability

Samsung SmartThings Improper Verification of Cryptographic Signature Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Samsung SmartThings. Authentication is not required to exploit this vulnerability. T...

CVE-2025-26634

Heap-based buffer overflow in Windows Core Messaging allows an authorized attacker to elevate privileges over a network...

CVE-2025-21247

Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network...

UBUNTU-CVE-2025-24070

Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network...

CVE-2025-2122

The CVE-2025-2122 entry concerns Thinkware Car Dashcam F800 Pro (up to 20250226). Affected component: Connection Handler. Vulnerability type: denial of service caused by manipulation of the Connection Handler, with attack possible only on the local network. Exploitation is described as high compl...

CVE-2025-2121

CVE-2025-2121 affects Thinkware Car Dashcam F800 Pro up to 20250226. The vulnerability resides in the File Storage component, with an unknown function enabling improper access controls exploitable from the local network. The exploit has been publicly disclosed and the vendor has not responded. A ...

PT-2025-10450 · Thinkware · Thinkware Car Dashcam F800 Pro

Name of the Vulnerable Software and Affected Versions: Thinkware Car Dashcam F800 Pro up to 20250226 Description: A vulnerability was found in the Connection Handler component of the Thinkware Car Dashcam F800 Pro, which can be exploited to cause a denial of service. The attack can only be...

Linux Distros Unpatched Vulnerability : CVE-2022-2393

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw...

Linux Distros Unpatched Vulnerability : CVE-2023-51594

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - BlueZ OBEX Library Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive informati...

Linux Distros Unpatched Vulnerability : CVE-2024-3661

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DHCP can add routes to a client's routing table via the classless static route option 121. VPN-based security solutions that rely on routes to redirect traffic...

Linux Distros Unpatched Vulnerability : CVE-2019-15681

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak CWE-655 in VNC server code, which allow an attacker to read stack memory an...

Linux Distros Unpatched Vulnerability : CVE-2017-3463

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Privileges. Supported versions that are affected are 5.5.54 and...